Sorry to reopen this bug report. The issue is still unresolved. And its not a documentation issue, either.
Its not reasonable to install and activate an ssh service at debootstrap time, and then disable it for the only available login because ssh password-based login is vulnerable to a brute force attack. Why was ssh installed in the first place? Regards Harri
