Something Had, Something Known

SecurityFocus HOME Infocus: SSH User Identities

This article describes how to implement public key authentication using SSH as an alternative to, or in conjunction with, user ID/password schemes. The advantage of any public key authentication is that passwords can be left on notepads, witnessed as they are typed, shared among friends, etc. Keys on the other hand can be used freely if they fall into the wrong hands. A combination of the two – something you have, plus something you know, is a better security model that mitigates the risk of either scheme by itself.