On Thursday 29 December 2011 14:59:14 Reindl Harald wrote: > the hughe difference is: while having the same password (for the key) > it can not be used directly for brute-force und you need the password > and at least one time access to the key file Explain me how having a key protected by a password avoids brute forcing if you loose the usb stick holding that key? Technology is developing at a scary pace, have a look at this: http://mytechencounters.wordpress.com/2011/04/03/gpu-password-cracking-crack-a-windows-password-using-a-graphic-card/ And this is with a simple card, imagine what you can do with a system with multiple paralel cards... Just to be clear: I'm not arguing which system is better/more secure. I'm just pointing out one downside of having the key in a usb memory. And bruteforcing against ssh servers are really difficult as some others have commented (and even more difficult if you limit failed connections...) Regards