I've done a bit of research both here and elsewhere concerning the following and haven't found a clear-cut answer, but I apologize in advance if this has already been answered in the archives.

I am fairly novice with both PAM and OpenSSH. I just installed OpenSSH on my RedHat Linux box, copied sshd.pam -> /etc/pam.d/sshd, started sshd, and was able to login to a different account on the system via ssh. Can I be sure that all data is being transfered encrypted when logged in via ssh? The reason I question that is because I have read so much about the ~/.ssh/identity[.pub] files when reading about SSH and I didn't create any of these files. Is PAM authentication a completely separate option from using RSA/DSA (I think that's what the identity[.pub] files represent)? This is what I'm unclear on.

Thanks in advance for any help clearing this up.

Ryan

Yes they are totally different. PAM, or Pluggable Authentication Modules, is a library that enables the local system administrator to choose how individual applications authenticate users. RSA and DSA are encryption algorithms.

Ok, so then I do need to set up the ~/.ssh/identity[.pub] files to ensure that data is encrypted? Even after I do have this set up, how do I verify that everything is being tranfered encrypted?

NO, SSH is always encrypted by default. You can set it up to fall back to unencrypted, but it will still give you a warning. The indentity.pub file is used when you want to setup public key pair authentication. In this case you would not be prompted for a password. This is from the man page:

Ok, thanks for clearing that up.