Comment 1 for bug 909942

4) Prompt the user for an ssh public key, and set that up by default. This too allows recommending SSH from the beginning. Unlike password auth, browsers storing the password, password reuse, and weak passwords aren't an issue. Unlike Kerberos, keytab management isn't an issue, and ssh key support is a bit more ubiquitous in ssh client than Kerberos is, I think.