> This may help react to compromised keys/passwords, configuration issues [...] This use case is best handled at the network layer (i.e.: use a firewall to block connections except from IT staff). As a bonus, it wouldn't require any change to the SSH protocol, nor any new & complex code to be written and maintained long-term. - Joe