Correctly document the default value of UsePAM.

crypto/openssh/sshd_config

@@ -72,10 +72,9 @@
 #GSSAPIAuthentication no
 #GSSAPICleanupCredentials yes
 
-# Set this to 'yes' to enable PAM authentication (via challenge-response)
-# and session processing. Depending on your PAM configuration, this may
-# bypass the setting of 'PasswordAuthentication' and 'PermitEmptyPasswords'
-#UsePAM no
+# Set this to 'no' to disable PAM authentication (via challenge-response)
+# and session processing.
+#UsePAM yes
 
 #AllowTcpForwarding yes
 #GatewayPorts no

crypto/openssh/sshd_config.5

@@ -637,7 +637,7 @@ If you enable this, you should probably disable
 If you enable
 .CM UsePAM
 then you will not be able to run sshd as a non-root user.  The default is
-.Dq no .
+.Dq yes .
 .It Cm UsePrivilegeSeparation
 Specifies whether
 .Nm sshd