I understand the theoretical superiority to keys, but do we have any data on how many times, in practice, key security has actually failed someone?
Setting some sane security parameters for your SSH setup looks like a less jarring/drastic approach to securing SSH further[1]:
- Use keys.
- Allow only strong ciphers.
- Remove weak primes.
[1]: https://disknotifier.com/blog/simple-ssh-security/
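
An added example, not part of the comment above or of the linked post: a small audit for the three items in the list, run over constructed sample text. The cipher allowlist, the 3071-bit moduli cutoff and all function names are assumptions chosen for illustration.

```python
MIN_MODULUS_BITS = 3071  # assumed cutoff; the comment names no number
STRONG_CIPHERS = {       # assumed allowlist of OpenSSH AEAD/CTR ciphers
    "chacha20-poly1305@openssh.com", "aes256-gcm@openssh.com",
    "aes128-gcm@openssh.com", "aes256-ctr", "aes192-ctr", "aes128-ctr",
}

def global_options(config_text):
    """Map lowercased keyword -> value for the global section (first value wins)."""
    opts = {}
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].lower() == "match":  # per-user/host overrides are not audited
            break
        opts.setdefault(parts[0].lower(), parts[1].strip() if len(parts) > 1 else "")
    return opts

def audit_config(config_text):
    """Return findings for 'use keys' and 'allow only strong ciphers'."""
    opts = global_options(config_text)
    findings = []
    # sshd allows password logins unless this is explicitly set to "no".
    if opts.get("passwordauthentication", "yes").lower() != "no":
        findings.append("password logins still allowed (PasswordAuthentication)")
    ciphers = opts.get("ciphers")
    # A missing value, or one starting with +, - or ^, only adjusts the defaults.
    if ciphers is None or ciphers[:1] in "+-^":
        findings.append("Ciphers is not an explicit list; defaults apply")
    else:
        for name in (c.strip() for c in ciphers.split(",")):
            if name not in STRONG_CIPHERS:
                findings.append("cipher outside allowlist: " + name)
    return findings

def weak_moduli(moduli_text):
    """Return sizes of moduli entries below the cutoff (size is the 5th field)."""
    sizes = []
    for line in moduli_text.splitlines():
        fields = line.split()
        if len(fields) == 7 and not line.startswith("#"):
            if int(fields[4]) < MIN_MODULUS_BITS:
                sizes.append(int(fields[4]))
    return sizes

# Constructed samples (moduli values truncated to a placeholder).
SAMPLE_CONFIG = "PasswordAuthentication yes\nCiphers aes256-gcm@openssh.com,3des-cbc\n"
SAMPLE_MODULI = "20240101000000 2 6 100 2047 2 DEADBEEF\n20240101000000 2 6 100 4095 2 DEADBEEF\n"

if __name__ == "__main__":
    print(audit_config(SAMPLE_CONFIG), weak_moduli(SAMPLE_MODULI))
```

To check a real host, pass the contents of its `sshd_config` and moduli file to the two functions instead of the samples.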