i would recomend using OpenSSH and keys in copnjunction with keychain which allows you to authenticate manually 'to the ssh-agent, and have subsequent shells become authencated. this way only pub key needs to be readable for you server user. You would have to authenticate manually once when the server starts and anytime after a restart.. i use keychain a lot for various perl automation tasks..