Key authentication Ubuntu

[freelance84]

I've recently set up my own server on ubuntu, however i was wondering. I think that using a long password to log in via ssh is more secure than using keys...

 

If someone got onto my computer then they would have direct access to my server with out the need of a password....

 

Also, using secure keys is a bit annoying as i then have to create a new key for every computer wanting access to the server, if i ever need to access the server away from work for what ever reason i will have difficulties.

 

If the passwords are changed on a regular basis?

[trq]

I don't understand the question.

[freelance84]

 

The following link: http://www.rackspace.com/knowledge_center/index.php/Basic_Cloud_Server_Security#SSH_keygen

 

Discusses the use of keys, one held on the server and one on the local machine you are accessing the server from.

 

It also says to configure the sshd_config file to not accept passwords, thus only allow access to the server with matching keys.

 

 

I was just wondering how other people dealt with this, do other people use keys to access their servers or not? As passwords add a bit of flex, allowing users to access the server from different machines without having to create new keys all the time.

[trq]

I use keys for all server access. They are more secure and are allot more convenient once setup.

[freelance84]

 

Yea I think I have swung back around to using keys. Cheers