passphrase quality

[Darren Moffat]

>No.  ssh-keygen should never be pamifed. It is worthless to do so.
>
>If we are going to enforce passphrase quality it should be for all OSes.
>The world does not revolve around Linux.  No matter what the press may
>think.

The Linux community didn't invent PAM, Sun did.  Many more systems
than Linux have PAM, Solaris, HP-UX some BSDs for a start.

Having said that I agree with the comment ssh-keygen shouldn't be pamified,
what you might want to do though is follow the pam model and have a
pluggable set of rules that guide a user into choosing a good passphrase.

--
Darren J Moffat