Trust
Not knowing the various code paths, I can't answer the question of whether disable password login && sshguard is meaningfully more secure than either alone.
But enabling password login in order to see blocked attempts is rather like looking for an exterminator whose work will ensure that you actually see dead termites.
I don't know that there is any drawback to running both. But unless you don't trust the logs to show SUCCESSFUL login attempts, I see no value in configuring so as to guarantee that you will see failures.
|