In article < XXXX@XXXXX.COM >
HostbasedAuthentication doesn't use authorized_keys, that's for
PubkeyAuthentication. Anyway the answer is "sort of" for both - i.e. it
can be set up the way you want, but you normally can't make sure it
stays that way.
HostbasedAuthentication isn't used much, since the security is pretty
weak - I believe it's disabled by default in most sshd installations.
But anyway you could set it up with the client's public key in that
user's ~/.shosts file, and IgnoreRhosts=no in sshd_config. But then
normally nothing prevents that user from adding other client public
keys to his ~/.shosts, or other users from adding any client public keys
With PubkeyAuthentication, you could set up that user's
~/.ssh/authorized_keys with the *user's* public key, and the added
restriction of a from= option. But then normally nothing prevents that
user from removing that restriction, or other users from putting
whatever they want in their ~/.ssh/authorized_keys. Of course this
situation is the default in most sshd installations.
All of the above applies to OpenSSH, don't know about others, you didn't
say what SSH implementation you were asking about.