by pavel_lishin 5447 days ago
Haven't all of your questions basically been answered in practice by the fact that keys are simple and effective when used to log in over ssh? Do you have a different private key per each server you log into, does a compromised server automatically render your keypair worthless, do you have software to handle keys now?

Haven't your arguments been refuted by the simple fact that people use keypairs every day to log into servers easily and securely? The last time I had to type an account's password was when I had to run "sudo" on a test server.

1 comments

The first time you log into an SSH server, your connection is actually insecure (this is also true of every subsequent time you log in and see that yes/no dialog).
It's insecure in that you don't know the identity of the endpoint without verifying the fingerprint out of band. That problem is already solved in browsers thanks to SSL certs and certificate authorities.
Is there any way to be sure of a server's ssh fingerprint before logging in? You need to do that offline, right? Maybe a PGP signed e-mail from the sysadmin?
That's exactly the kind of thing you're supposed to do to verify those keys.

(I don't either).

This is a much bigger deal in a web setting, though.
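
The out-of-band fingerprint check discussed in this thread, as an added example that is not part of any comment: it computes the OpenSSH-style SHA256 fingerprint of an offered host key line and compares it with a fingerprint received over a separate trusted channel. The function names and the sample key are constructed for illustration.

```python
import base64
import hashlib
import struct


def _ssh_string(data: bytes) -> bytes:
    """Encode bytes as an SSH wire-format string (4-byte big-endian length + data)."""
    return struct.pack(">I", len(data)) + data


def make_sample_key_line(seed: int) -> str:
    """Constructed ed25519-shaped host key line; not any real server's key."""
    blob = _ssh_string(b"ssh-ed25519") + _ssh_string(bytes([seed]) * 32)
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " host.example"


def fingerprint(pubkey_line: str) -> str:
    """Return the SHA256 fingerprint in the form OpenSSH shows at the yes/no prompt."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<key-type> <base64-blob> [comment]'")
    key_type, b64 = fields[0], fields[1]
    blob = base64.b64decode(b64, validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    # The blob begins with a length-prefixed copy of the key type.
    # A mismatch means the line was malformed or altered in transit.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != key_type.encode():
        raise ValueError("key type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    # OpenSSH prints unpadded base64 after the "SHA256:" prefix.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def matches_trusted(pubkey_line: str, trusted_fp: str) -> bool:
    """True only if the offered key hashes to the out-of-band fingerprint."""
    return fingerprint(pubkey_line) == trusted_fp.strip()


if __name__ == "__main__":
    # In practice the offered line is what the server presents (for example,
    # ssh-keyscan output) and the trusted value arrives by another channel,
    # such as the signed e-mail from the sysadmin mentioned above.
    offered = make_sample_key_line(1)
    trusted = fingerprint(make_sample_key_line(1))
    print("match" if matches_trusted(offered, trusted) else "MISMATCH: do not connect")
```

A key line that passes this check can be added to `known_hosts` before the first connection, so the yes/no prompt never has to be answered on trust.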