
Re: HEAD's UP: possible 0day SSH exploit in the wild



On Wed, Jul 08, 2009 at 11:18:43PM +0200, Sebastian Posner wrote:
> Jim Popovitch wrote:
>> Is there a way to force keys AND passwd verification?
>
> Normally you'd want to DISABLE PasswordAuthentication and ChallengeResponseAuthentication
...
> Something that would indeed be interesting is a way to enforce that the PRIVATE KEY is password-protected - sadly, you can't see this from the public key, and I'm not aware of any possibility to query the client concerning this specific matter.

You can't, which is why it is useful to have both passwords and keys simultaneously--you can enforce a policy on a password.

Mike Stone

