Thursday, March 27, 2008

ssh password versus passphrase

From the files of using the muscles in the anus to think instead of those within the cranium...

We recently had our CVS repository moved. The notice was accompanied by some instructions for how to go about creating a new key for authentication.

The process for generating those keys involved using a web tool which forced one man's security religion into law on everyone unfortunate enough to be forced to use the tool. Specifically, it forced using a passphrase--and one which consisted of a long string of inane characters, numbers, and marks (which of course aren't a part of my natural password creation algorithm...which is where I started getting annoyed). So I went through it... got my files for this end of each future transaction as well as a notice that I'd need to wait for the key to get synced to the box I'd be hitting for authentication.

A day later, I get notice it's there and I'm good to go again. Mind you, "good to go" == "almost where you were before this mess started". Not in a better place, not faster, not happier, but simply "almost back to where you were before we did this to you".

So of course I try to log in and get back to work. Of course until I get my keys configured I'm faced with a password prompt... not once, in order to confirm that it's me and I'm authorized to access this box, but rather with every single command that runs against this new repository location.

Better still, when I get my keys configured... instead of typing my ridiculously untypeable password, I get to type my ridiculously untypeable passphrase.

After a day of this I've typed my password hundreds of times now. But thankfully I'm safer from... from, well, I'm not sure who from. The admins that set this up... I doubt it. And for my company, I'm safer only at the cost of productivity which we all know is overrated (*sarcasm*).

So, my new favorite command line sequence is:
>cvs update -dir-
(password prompt... immediately followed by...)

>cvs diff -file-
(...um, password prompt again... followed by...)

>cvs commit -file-
(...um, password prompt again, again...yip it's still me. Yeah, I'm safe!)


And of course its evil (and now pointless) counterpart:
>cvs update -dir-
(even worse passphrase prompt... immediately followed by...)

>cvs diff -file-
(...um, passphrase prompt again... followed by...)

>cvs commit -file-
(...um, assphrase prompt again...yip it's still me, and only slightly more pissed off than I was 200 characters ago. Yeah, I'm safe!)


So I ask, what the hell are keys for again?!


Please soup nazi, explain to me how my thinking is not so good here. I'll be over here rolling for cast magic missile.