[kwlug-disc] How to ... having ssh key connected ... ask for password, logout if fail?
B.S.
bs27975.2 at gmail.com
Wed Oct 5 10:10:39 EDT 2016
I have set up key files for ssh'ing in. Key passphrases are empty. ssh
me at mine takes me straight to a prompt. This is 'good'.

(1) How to be asked for a password once connected?

(i.e. key files limit external access to ssh server [no keyfile, no
access] - but with an empty passphrase, how to know the user is
authorized / the key didn't get copied somewhere else / someone else
isn't using it?) [Ignore proper permissions / file restriction settings
- assume root is accessing the file.]

Really, I'd like to be asked to log in post ssh passwordless connect,
and logged out if that fails.

The beginnings of an answer appear to be to create a ~/.ssh/rc script.
(Which runs sh, not bash, BTW.)
[[ ${SSH_CONNECTION:1:11} == $local_lan ]] no workie.

'login' doesn't do it, won't even run - once connected, one is in a
non-root environment. 'kill -9 $PPID' doesn't log out - only kills the
shell calling rc.

(2) How to force logout if password verification fails?

See 'login' doesn't do it. Note (Kubuntu 12.04) has no logout command.
logout IS an internal bash command, but not an internal sh (dash)
command - which is how rc gets run.
'kill -HUP `ps -ef |grep $USER|grep bash|awk {'print $2'}`'
would do it, but also kills all local shells at the same time -
undesirable.

(3) or ... how to limit remote connections to ssh (not knowing where one
might be, with their USB stick containing the keyfiles, that day), then
login with password as usual?
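
The post notes that ~/.ssh/rc is run by sh (dash) rather than bash; [[ ... ]] and ${var:offset:length} are bash extensions, so that test cannot work there. An added example, not part of the original post, of the same local-LAN check in POSIX sh; the function names and the 192.168.1. prefix are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# sshd sets SSH_CONNECTION to "client_ip client_port server_ip server_port".
# These functions use only POSIX sh features, so they work under dash.

# ssh_client_ip CONNECTION
# Prints the first field of CONNECTION (the client address).
ssh_client_ip() {
    # ${1%% *} drops everything from the first space onward
    printf '%s\n' "${1%% *}"
}

# is_local_client CONNECTION PREFIX
# Returns 0 if the client address starts with PREFIX,
#         1 if it does not,
#         2 if CONNECTION or PREFIX is empty (not an ssh session / bad call).
# Assumption: PREFIX is a dotted prefix such as "192.168.1." (constructed
# value). Keep the trailing dot, or "192.168.1" would also match 192.168.10.x.
is_local_client() {
    _ip=$(ssh_client_ip "$1")
    # Defensive: strip the prefix if the address arrives in IPv4-mapped form
    _ip=${_ip#::ffff:}
    if [ -z "$_ip" ] || [ -z "$2" ]; then
        return 2
    fi
    case "$_ip" in
        "$2"*) return 0 ;;   # quoted part is literal, * matches the rest
        *)     return 1 ;;
    esac
}

# Hypothetical use inside ~/.ssh/rc:
#   if is_local_client "$SSH_CONNECTION" "192.168.1."; then
#       : # connection came from the LAN
#   fi
```
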