Improve SSH configuration for nodes

Ensure hostbased auth works with configs, remove erroneous old
conditional for authtypes, remove obsolete config option.

roles/base/templates/etc/ssh/sshd_config.j2

@@ -6,7 +6,6 @@ ListenAddress ::
 ListenAddress 0.0.0.0
 Protocol 2
 HostKey /etc/ssh/ssh_host_ed25519_key
-UsePrivilegeSeparation yes
 SyslogFacility AUTH
 LogLevel INFO
 LoginGraceTime 120
@@ -29,15 +28,9 @@ PubkeyAuthentication yes
 PermitEmptyPasswords no
 ChallengeResponseAuthentication no
 PasswordAuthentication no
-{% if 'hv' in group_names %}
 HostbasedAuthentication yes
 HostbasedUsesNameFromPacketOnly yes
 IgnoreRhosts no
-PermitRootLogin yes
-{% else %}
-HostbasedAuthentication no
-IgnoreRhosts yes
 PermitRootLogin no
-{% endif %}
 
 Subsystem sftp /usr/lib/openssh/sftp-server -f AUTH -l INFO