connection manager system in network
 

Hi!
I just wanted to know what's your opinion on my problem.
I have few linux servers that can be located on any place in the world, only port 22 is open. At my office I need connection to every server, but every server must be isolated from every server.

So by now I worked only with ssh authorization by username and password.

What seems to be preferable ?.

1 Going on working with ssh with authorization.
2 working with ssh but with adding keys
3 start to work with vpn

So if I am keeping use ssh with authorization I need something that will change password every month only for security

working with ssh key, it seems like key depends on gateway where key created so if change gateway I lost connection

using vpn sounds good but in this case I mush isolate servers from each other

The best solution I think is combination of any two methods

So what do you think
If anyone has experience in this area please tell me
I will appreciate for further reading

Thanks

it is not good idea to put your server on internet if security is concern. what is the reason behind to separate servers of each other that I dont know but it can be achieved by network configuration on the servers. VPN is good to access server privately and securely. In this case you can also add more security by changing password every month or using OTP (one time password) generator like Alladin.

so VPN is good solution to be in one network with the servers, but however I must protect them against console connection, so there has to be something with ssh password change.
OTP is good idea so I can change password for every connection