[CentOS] SSH Question relating to Public and Private Keys

Tue Apr 15 05:56:05 UTC 2008
Clint Dilks <clintd at scms.waikato.ac.nz>

Hi People,

The Linux Environment I am responsible for is using ssh key pairs to 
allow access to a number or accounts on a number Linux Servers.  I 
currently have the opportunity to re-design some of this.  So I would 
like to tap into peoples experiences to see what might be some good 
changes to make.  Specifically I have a couple of questions

1. Currently all of the key pairs we are using have empty passphrases is 
it worth the effort of changing this and setting up ssh-agent compared 
to what you gain in security by doing this ?

2. At this stage I am going to use RSA Keys of the default size, is this 
generally the best approach?

Thanks for any thoughts, and have a nice day :)