I think either
1) pam_ssh.so should be commented out in /etc/pam.d/sshd
or
2) a warning should be added to UPDATING that the behaviour of sshd is 
changed.

Suddenly, identities in ~/.ssh work in 2 directions; not only to login 
some place else, but also to authenticate from remote on the local 
machine, regardless the contents of authorized_keys.

PS. There's an extra .Nx at the bottom of pam.8.

dieter

-- 
 	For Speedy CVS Updates of your NetBSD trees check
 		http://moon.vub.ac.be/scu
--
 	There is virtue in doing the right thing just for
 	the sake of doing it right.  -- Nicholas Petreley