add info regarding disabling kerberos and public key authentication

admin-guide/configuration/access/mfa.md

@@ -3,6 +3,13 @@
 MFA can be enabled on any standard system with following configuration:
 
 ```yaml
+# disable kerberos authentication
+ssh_server::enable_gssapi: false
+
+# #disable ssh key authentication
+ssh_server::enable_public_key: false
+
+
 aaa::radius_auth: true
 aaa::radius_shared_secret: ENC[PKCS7,MIIBuQYJK...9Z82qA==]
 aaa::radius_servers: [ 'nps01.psi.ch', 'nps02.psi.ch' ]