"Many of us use the excellent OpenSSH (see Resources
later in this article) as a secure, encrypted replacement for the
venerable telnet and rsh commands. One of OpenSSH's more intriguing
features is its ability to authenticate users using the RSA and DSA
authentication protocols, which are based on a pair of
complementary numerical keys. As one of its main appeals, RSA and
DSA authentication promise the capability of establishing
connections to remote systems without supplying a password. While
this is appealing, new OpenSSH users often configure RSA/DSA the
quick and dirty way, resulting in passwordless logins, but opening
up a big security hole in the process.
SSH, specifically OpenSSH (a completely free implementation of
SSH), is an incredible tool. Like telnet or rsh, the ssh client can
be used to log in to a remote machine. All that's required is for
this remote machine to be running sshd, the ssh server process.
However, unlike telnet, the ssh protocol is very secure. It uses
special algorithms to encrypt the data stream, ensure data stream
integrity and even perform authentication in a safe and secure
way.
However, while ssh is really great, there is a certain component
of ssh functionality that is often ignored, dangerously misused, or
simply misunderstood. This component is OpenSSH's RSA/DSA key
authentication system, an alternative to the standard secure
password authentication system that OpenSSH uses by default."
