look here for info about setting up passwordless RSA authentication. Or read the ssh manpage.

spoofing ip addresses/mac addresses won't work with this method since it's key based, not host based. If someone had access to your private key, then they could use your account to machines that you already set up a trust relationship with. But the only person besides you who could access that key is root (it wont work unless your keys are set go-rwx). And if you don't trust the admin on your machine, you shouldn't set this up in the first place.

Also, make sure you are using the legally correct version of SSH. SSH2 is much more restrictive than SSH1, and ssh-1.2.27 is the last version free for all use. Read the license. You may also want to check out OpenSSH which is released under the BSD license.

BlueLines

Disclaimer: This post may contain inaccurate information, be habit forming, cause atomic warfare between peaceful countries, speed up male pattern baldness, interfere with your cable reception, exile you from certain third world countries, ruin your marriage, and generally spoil your day. No batteries included, no strings attached, your mileage may vary.