Which you can already do with sth like:
```
PasswordAuthentication no
Match address 10.0.0.0/8
    PasswordAuthentication yes
Match all
```
in `sshd_config` btw

fiksn

We hope these options will make it significantly more difficult for

attackers to find accounts with weak/guessable passwords or exploit

Why not just remove passwords on all but local networks?

opensource

OpenSSH introduces options to penalize undesirable behavior

beorange

> We hope these options will make it significantly more difficult for
attackers to find accounts with weak/guessable passwords or exploit
bugs in sshd(8) itself.

Why not just remove passwords on all but local networks?