testing
	exercise ssh-rsa
key exchange
	set hostcertimpl in server implementations of key exchange, too
authentication:
	authpublickey
	authsrvpassword
	authsrvpublickey
	authsrvkbdinteractive
	disable password authentication when cipher 'none' is in use
	consider reverse lookup and match in certificate database
error handling
	for key files
	for configuration files
	trap relative paths in configuration files
overhaul key, certificate, and signature management
	implement draft-ietf-secsh-publickeyfile
minimal tty handling (some code in unix.c already)
	EOF at password prompt should abort
handling of unrecognized messages
consider implementing SDCTR mode ciphers
free pool for message structures
distinguish between interactive and non-interactive mode
