Not using SSH Pubkey Authentication is really serious security flaw compare to regular Password Authentication

on

Ilia Rostovtsev asked:

How would using PubkeyAuthentication would be more secure than using PasswordAuthentication, considering the following facts:

  1. Default SSH port is moved from its default
  2. Firewall blacklists an IP after few unsuccessful tries
  3. Password looks pretty complicated (14-20 senseless characters)

My answer:

Suppose somebody got your password from you by swiping the Post-it Note from under your keyboard? Or by using a rubber hose. It would be mostly useless if password authentication is disabled.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Related Post

VM in proxmox shows more RAM then assigned?

Why is AWS S3 Object count is measured iin units used to measure file size?

How to fix "no address range available for DHCP request" error?

nginx map rules, case insensative

550 sender rejected – sender domain has no MX/A record. Different IP for MX & A Records

What is the correct way of getting crontab on CentOS 6?