Hello! My ISP shell account has ssh1 available, and
I use it to connect to my debian-based server. From following
the FAQ and the archives, I've got RSA authentication working
well, so I can ssh from me@isp into user@server without
supplying a password. Very keen.
But I need to make it more difficult now. :) I want
to do host-based authentication *and* password authentication
together. That is, I want the host-based part to be necessary
but not sufficient. My intent is to allow me to cycle the
login passwd regularly on the server, giving some measure of
added security without having to affect the client-side files
(which, being on a big ISP's box, are likely to be compromised
on a regular basis).
Doable? Any help appreciated!
tia,
Scott
