Setting sshd/passwordauthentication: "no" is impossible because UCS to UCS communication relies on this mechanism

When setting the UCR var sshd/passwordauthentication: "no", which is in general a good idea besides only allowing key-based authentication, you'll be confronted with errors (using the diagnostic tile from the web UI):

Machine authentication failed - Login to the remote server with the uid ucs$ and the password from /etc/machine.secret failed. Please check /var/log/auth.log on the remote server for further information.

Why is the inter-machine communication not based on certs? Is there a way to only allow the machine account using password auth and for all others it is forbidden?
