That depends on the situation. The private keys are on the SSH client machine, so if that is more secure than the SSH server, the setup is more secure than with passwords being on the server.
I don't think so. In my opinion i doesn't matter if you store a plaintext password or a ssh-key, which is not secured by an password. Once Mr. X get's access to the file, he get's instantly access to the account which is guarded by them.
The use of public key authentication is definitely a lot safer against
No, I strongly disagree. By just using public key authentication you gain *no* benefit for security and aren't instantly safer. If you use public-key-mechanisms in a wrong way things get much worse! Especially ssh can be abused in many ways to undermine any security barriers.
You're right, though, that public key authentication isn't automagically good and safe and passwords bad and insecure. It's never that simple.
Hmm, I can agree to that. :-) Regards, Holger ----------------------------------------------------------------------- Holger van Lengerich paderLinx - Neue Informationsmedien GmbH Diplom-Informatiker Cheruskerstrasse 2b, 33102 Paderborn Holger.van.Lengerich@paderlinx.de Fon: +49 5251 8994 - 16 Fax: -20 -----------------------------------------------------------------------