There’s a new setting to manage PasswordAuthentication in sshd_config
yunohost settings set security.ssh.password_authentication -v no
Then the hook /etc/yunohost/hooks.d/conf_regen/04-ssh_pwd is partially obsolete and the use of this new setting is to be preffered.
It seems however that it is necessary to use UsePam = no and ChallengeResponseAuthentication = no. The default yunohost config ssh leaves UsePam = yes.
If anyone can complete this answer. Perhaps the new setting should also modify UsePam to No?