River Tarnell:
in fact, since you never have to change it, or remember it, or use a different one for each site, it's likely to be a lot easier.
one other problem with password authentication: many users do use the same one for different sites, even if it's a bad idea. if the Toolserver was compromised, and we used Kerberos auth, an attacker could easily install a trojaned ssh server or client which recorded every user's password, and then use those passwords to attack other sites. (this is how Apache.org was compromised, except it was SF with the trojaned SSH instead of the Toolserver.)
conversely, with public keys, an evil server cannot do anything to compromise the security of the private key, since it's never sent to the server.
- river.
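To make the argument in the message above concrete, here is an added simulation (not code from the thread or from the Toolserver) of what a trojaned server can harvest under each scheme. Both servers are stripped-down models written for this example: the password server uses a plain SHA-256 hash as a stand-in for a real salted KDF, the public-key server does the SSH-style challenge/signature exchange with Ed25519, and `Reuse` replays whatever each server logged against a second site where the user has the same password or key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
)

// PasswordServer checks a hash (demo only; real servers use a salted KDF). Logged
// is what a trojaned sshd gets to keep: the plaintext secret itself.
type PasswordServer struct {
	hash   [32]byte
	Logged []string
}

func (s *PasswordServer) Login(pw string) bool {
	s.Logged = append(s.Logged, pw) // the trojan's only extra line
	h := sha256.Sum256([]byte(pw))
	return subtle.ConstantTimeCompare(h[:], s.hash[:]) == 1
}

// PubkeyServer holds only the public key: Login sends a fresh random challenge and
// verifies the signature, so a trojaned server can log nothing but that signature.
type PubkeyServer struct {
	pub    ed25519.PublicKey
	Logged [][]byte
}

func (s *PubkeyServer) Login(sign func([]byte) []byte) bool {
	challenge := make([]byte, 32)
	if _, err := rand.Read(challenge); err != nil {
		return false
	}
	sig := sign(challenge)
	s.Logged = append(s.Logged, sig)
	return ed25519.Verify(s.pub, challenge, sig)
}

// Reuse replays what each trojaned server logged against a second site where the
// user has the same password / same key: (passwordReplayWorks, sigReplayWorks).
func Reuse(pw string, pub ed25519.PublicKey, priv ed25519.PrivateKey) (bool, bool) {
	hash := sha256.Sum256([]byte(pw))
	evilPw, otherPw := &PasswordServer{hash: hash}, &PasswordServer{hash: hash}
	evilPw.Login(pw)
	evilPk, otherPk := &PubkeyServer{pub: pub}, &PubkeyServer{pub: pub}
	evilPk.Login(func(c []byte) []byte { return ed25519.Sign(priv, c) })
	return otherPw.Login(evilPw.Logged[0]),
		otherPk.Login(func([]byte) []byte { return evilPk.Logged[0] })
}
```

`Reuse` returns `(true, false)`: the recorded password opens the second site, while the recorded signature fails there because that server issued a different challenge and the private key was never available to be copied.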