Require SSH keys for login / SFTP
Once SSH keys have been set up on a server, password login should be disabled, or at least have an option to disable it.
Chris Dart commented
I definitely agree. This is increasingly required for PCI compliance now.
Yes I definitely agree with this suggestion.
This is a big security issue for me, should really be able to disable password logins.