Hi Bruno, Sorry, one thing I said is not correct. The server looks for a copy of your public key in the file ~/.ssh/authorized_keys. You copy your file id_dsa.pub or id_rsa.pub into there when you create a new key. Such a file can contain several different public keys and the possession of any of the corresponding private keys will allow an user to login using challenge-response. Obviously, it is questionable why one should possess more than one different key. They should be protected by different passphrases, otherwise there is no increased security, but them you have to manage those different passphrases. Moreover, you can have different copies of the same key protected by different passphrases. Suppose you want to login in automatically from a very secure machine. You change the passphrase of the resident private key to none in that machine. However, the copy of the key you carry in your laptop or diskette or USB-stick should still be protected by a strong passphrase. Hope this helps. Best, Jaime.