I have tested in Debian and this works. Two things: (1) It requires
PasswordAuthentication yes or KbdInteractiveAuthentication yes. The OP probably has both set to no for the user, so it's good to explicitly state this has to be changed. (2) "assuming that your system uses PAM" –And that your sshd uses PAM. E.g. in Linux OpenSSH can be configured to use PAM or not. AFAIK Debian and its derivatives put UsePAM yes in /etc/ssh/sshd_config they ship, but for OpenSSH itself the default value is no. If the solution does not work, one shall check the state of this option.