reenabling them (temporarily) should be consciuos admin decision to follow
transition period until they are ultimately removed from openssh. Note
the double-hash comment to indicate, that this is only a hint, not default
#PermitEmptyPasswords no
+
+# Allow DSA keys
#PermitEmptyPasswords no
+
+# Allow DSA keys
-+PubkeyAcceptedKeyTypes +ssh-dss
++## PubkeyAcceptedKeyTypes +ssh-dss
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes