Comment 12 for bug 1968873

Gauthier, thank you for pointing this out.

I think there are a couple of things that need fixing in cloud-init then:

1) The assumption that appending "PasswordAuthentication yes" to /etc/ssh/sshd_config will override all of sshd's configuration - false because /etc/ssh/sshd_config.d/ now exists (IIRC since Focal).

2) The editing of /etc/sshd_config instead of writing a new file to /etc/sshd_config.d/. This might only work for newer releases though; maybe for systems with older sshd the older behaviour is still the best option.

Unless we can find another way, it doesn't seem like this bug can be fixed until cloud-init is fixed, so I added it as a task for the same bug.