Following is the process to deploy a script on the server where PermitRootLogin in sshd_config is needed to be yes, and it is being set to no by chef-client, basically instead of commenting Chef-Client, this script will change the attribute to yes.

Script:

Login on the server and go to root access : sudo -s

Following script lies under /home/centos/script

changesshd_conf.sh

#!/bin/bash
 
logfile="/home/centos/log/changesshd_conflogs.txt"
 
sed -i 's/PermitRootLogin no/PermitRootLogin yes/g' /etc/ssh/sshd_config
 
if [[ "${?}" -ne 0 ]]; then
   echo "The sshd_config file was not modified successfully" >> $logfile
   exit 1
fi
 
systemctl restart sshd

Then change the script permission to - chmod 775 changesshd_conf.sh
Now, add it to the cronjob of root exactly +5 to the chef-client's scheduled timing.
#Added to override Chef Change on RootLogin
2,32 * * * * /bin/sleep 14; /home/centos/script/changesshd_conf.sh > /home/centos/log/changesshdcronlogs.log 2>&1