What was the final resolution of this thread? Does key-based authentication provide secure auth if cipher none is used? What about rhosts-rsa? -- Mike Stone