> > only or *both* with the password.
>
> You can configure the server (sshd) to prohibit (server-end) password
> access and allow *only* user RSA authentication.
So this would mean using SSH1 instead of SSH2. Not hard with OpenSSH
server which can distinguish between the two automatically.
> > At work I use secureID *and* a password, one is useless without the other.
> > IMHO, this is what SSH2 should be as well... passphrase AND password.
>
> OK, lets look at SecureID for a moment. The "token" contains a hash
> function which is run once a minuit with the previous hash value *and*
> a unique "secret" used as the inputs. This time-varying hash value is
> used as the "password" for an otherwise normal "login" process (telnet,
> FTP, &c).
My secureID at work requires us to enter "pass/token" as the password.
Thanks... Dan.
