> co-worker wrote: > > You cannot distinguish passphrased keys from passphraseless ones. Is there any way to detect from sshd whether a private key has a passphrase or not? That would allow add a configuration option to be able to reject keys which does not has passphrases? That would be a security enhancement for OpenSSH.