I currently use ssh for various logins from home and from work.
I have set up the logins so that they work without me entering a password or key phrase at all, i.e. I *think* when asked for a key to generate the encrypted string used for authorisation I entered nothing.
I know this creates some security holes but I'm not at all clear what they are really, can anyone elucidate? I realise that anyone with access to my work machine or my home machine will be able to login to these remote systems without knowing the password but that's not a big problem really, there is far more important and sensitive information on my desktop machines than there is on the places where I remotely login. Is this the only risk or is the encryption inherently weaker if I didn't enter a key?