Ilia Rostovtsev asked:
How would using PubkeyAuthentication would be more secure than using PasswordAuthentication, considering the following facts:
- Default SSH port is moved from its default
- Firewall blacklists an IP after few unsuccessful tries
- Password looks pretty complicated (14-20 senseless characters)
My answer:
Suppose somebody got your password from you by swiping the Post-it Note from under your keyboard? Or by using a rubber hose. It would be mostly useless if password authentication is disabled.
View the full question and any other answers on Server Fault.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.