Which SSH authorization method is safer: password or ssh key?

Our hosting allows for password and SSH key authentication, but for security reasons, it is recommended to use SSH key authentication instead of passwords.

Sources why SSH key authentication is more secure:

1. Complexity of cracking: SSH keys are long random strings of characters that are very difficult to guess or crack, while passwords can be easily guessed or brute-forced.

2. Transmission security: When using a password for authentication, it is transmitted in plain text over the network, making it vulnerable to interception. In contrast, SSH keys are used in combination with public and private keys that are encrypted and transmitted securely.

3. Access control: SSH keys can be configured to give access only to specific users or user groups, providing more precise access control than using passwords.

4. Auditing: When using SSH keys, it is easier to audit user actions since it is possible to track who and when used the key to access the system.

5. Convenience: SSH keys do not require entering a password every time when connecting to the server, making it easier and faster to work with the system.

Therefore, using SSH keys for authentication is a more secure and recommended method than using passwords. However, it is important to ensure that the keys are stored in a secure location and properly configured for maximum security.

You can learn how to generate and use SSH keys on the HMARa.io service here.