Some times ago I posted about scc tool, here is a short update with some example reports provided. https://dev.to/melezhik/linux-compliance-checks-with-sparrow-plugin-2160
People can use the plugin to check if their Linux configuration files are security compliant
Sparrow is a Raku automation framework


What are you basing this on?
Definitely not NIST 800-53, PCI-DSS, or ISO 27001; all of which stipulate ssh key management not password-based authentication.
Typo )) sorry , meant password less