Require SSH keys for login / SFTP
Once SSH keys have been set up on a server, password login should be disabled, or at least have an option to disable it.
Agree with this, this is a security issue also for me. It's strange to have 2FA for login but not SSH password disabling feature... Bruteforce ssh attack are very common...
Agreed, this is needed.
Chris Dart commented
I definitely agree. This is increasingly required for PCI compliance now.
Yes I definitely agree with this suggestion.
This is a big security issue for me, should really be able to disable password logins.