On Monday 14 March 2005 13:36, Christos Zoulas wrote:

> Weak == "empty passphrase". Isn't that right? The issue here is with
> the pam module, loading the weak key and trying to authenticate with
> an empty passphrase. Or am I understanding this incorrectly?

Jumping into the middle of this thread...

It seems to me that the issue is that sshd should not be using the  
_private_ keys at all.  The default install before PAM used only the 
_public_ keys.  The module, pam_ssh, appears to be inappropriate for 
this purpose:

pam_ssh -- authentication and session management with SSH private keys

Regards

Sverre