[parliament32]

Why would you not have a passphrase on your key? Passphrase encryption is the default in ssh-keygen and probably every other ssh key generation utility. Having a magic file that grants access to a server scares the crap out of me -- but use the passphrase feature and it's far more secure than password auth.

[freehunter]

You'd be surprised. ssh-keygen allows you to just hit enter and bypass the passphrase with no hoops to jump through and insufficient warning (IMO). Maybe that should be changed. But right now it's all too easy and convenient.

[parliament32]

Well yes, but you're explicitly ignoring instructions at that point.

But I agree, making it more difficult (force the user to consult the man page and look up the flag -- see openssl cert generation) would be better.