Secure(r) OpenSSH

Ok, so I'm trying to make my SSH server a bit more secure by using the following guide:

http://www.wsrcc.com/wolfgang/sshd-config.html

However, I seem to be able to bypass the pub_key request just by hitting Enter, which then prompts for a less-secure user password (and no, not root)

Any idea why this is?

First thing I noticed on that website:
>PermitRootLogin without-password
Replace with: PermitRootLogin no

Recheck if you have really disabled any kind of password authentication. Post your sshd_config.

Don't use HOWTOs.

%man sshd_config or gtfo

http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5