I set security_ssh_permit_root_login to yes today, and I got locked out of SSH. This is because it casted it to True when writing the file. That is not a valid value, and it causes SSH to fail starting.

It should cast it to yes instead.

I'm thinking about how to do this most elegantly and will probably send a PR.

Perhaps just a minor docs tweak to emphasize that either value MUST be quoted is enough. I think this is a config error from my side.

Yeah, this is one case where the value must be quoted, since it has to be a yes or no in the resultant config file.