The most significant thing imho is that you separate authentication (by showing your private key) and access control (the system holding a list of public keys that are valid for access). You only need one passphrase to decode your private key and can use that for all systems that you logon to, even when system administration on those system is not to be trusted (with passwords they could take that password and try to use it to access other systems where you have access).
If you are confident about the secure access to your workstation you can use an ssh-agent (like pageant that comes with PuTTY) and not have to type in the passphrase all the time (and avoid people pick up your password looking over your shoulder). Rob -- Rob van der Heij rvdheij @ gmail.com ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390