Can I restrict authentication types for specific users? (i.e. I want to
restrict most accounts in so far, that they can only be accessed if public key
authentication was used; and only allow password-authentication for a few
specific accounts (I still need the possibility to access those, even if I do
not log in from my laptop or other hosts for which a public key has been added
to the authorized_keys; so basicallty, I want to leave password auth open only
to some accounts as an emergency fallback).

The only thing I've seen in that direction is that permitrootlogin can restrict
this just for the root user (PermitRootLogin without-password), but is there a
way for "normal" users?

Any help would be greatly appreciated!



[using openssh-server 4.2p1-8 on Debian SID, x86]