BeginnerPhone
1 min
SSH Keys vs Password Authentication
SecurityLinuxNetworking
Advertisement
Interview Question
Why are SSH key pairs generally preferred over passwords for server access?
Key Points to Cover
- Stronger cryptographic security; not guessable like passwords
- Supports passphrases and agents; no credential reuse
- Easier to rotate/revoke via authorized_keys
Evaluation Rubric
Explains stronger security properties40% weight
Mentions rotation/revocation benefits30% weight
References passphrases/agents30% weight
Hints
- 💡authorized_keys, ssh-agent, passphrase.
Common Pitfalls to Avoid
- ⚠️Not elaborating on *why* cryptographic keys are stronger than passwords (e.g., mathematical complexity, length, resistance to guessing).
- ⚠️Failing to mention the security and convenience benefits of passphrases and SSH agents.
- ⚠️Overlooking the ease of key management, specifically revocation and rotation via `authorized_keys`.
- ⚠️Focusing too much on the mechanics of *generating* keys rather than the security and operational *benefits*.
- ⚠️Understating the common vulnerabilities and risks associated with password-based authentication (e.g., brute-force, dictionary attacks, credential stuffing).
Potential Follow-up Questions
- ❓How do you disable password login in sshd?
- ❓What is SSH certificate auth?
Advertisement