Not using SSH Pubkey Authentication is really serious security flaw compare to regular Password Authentication

on

Ilia Rostovtsev asked:

How would using PubkeyAuthentication would be more secure than using PasswordAuthentication, considering the following facts:

  1. Default SSH port is moved from its default
  2. Firewall blacklists an IP after few unsuccessful tries
  3. Password looks pretty complicated (14-20 senseless characters)

My answer:

Suppose somebody got your password from you by swiping the Post-it Note from under your keyboard? Or by using a rubber hose. It would be mostly useless if password authentication is disabled.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Related Post

Enabling SSH multiplexing for a series of commands, then closing it

Using FreeIPA for centralized sudo – how to specify ALL commands?

How to redirect HTTP request based on URL parameter?

Security policy: servers without root/administrator password

Is there a way to automatically add network interfaces to systemd-networkd and/or netplan?

Setup IPv6 on CentOS 7 in a ESXi-VM by OVH