Is it possible to create a login alias in openssh?

What I mean is:
When I login to my home box locally (ie physically from the machine) I don't need a really secure username and pass. Everyone who has physical access to my computer knows my username and, well, they wouldn't have the time or the tools to crack my pass.

But what if I want to login remotely with ssh? Now a simple username and simple pass won't do. The script kiddies would catch on immeditely.

So I want to be able to login with 'foo/foopass' locally, but when accessing my computer remotely, do NOT allow foo/foopass; instead, have something like b4R/b4Rp4$$!! and only allow that. And I don't mean just creating a new account named b4R, but make an alias so that b4R == foo, but only when logging in remotely.

And keys are not an option, they confuse me and I can't figure out how to get them to work in portable filezilla.

I'm sure this can be done in some PAM module but I am still very new to this so someone, please bear with me

Interesting question - you can obviously login *from* a user account that doesn't match your server account, but I don't know whether OpenSSH can remap account names at the server.

I have to say that this won't increase or decrease your security, though. In practice, an Internet-connected computer with port 22 (SSH) open will be picked up by automated scanners within a few days. These try password guessing against common usernames ("root", "admin", etc.). You can stop them with any uncommon username, or by running SSH on a different port - they are sweeping thousands of addresses to find the one or two that are easy to crack.

If someone knows an account name and really wants to get into your system then they can run password crackers against the account until they eventually get the password, or you block their address (install DenyHosts or fail2ban to automatically block persistent login attempts). The main defense against password-guessing is key-based authentication.

Key-based authentication is well worth doing - not only does it stop password attack, but it also makes using SSH a very smooth experience, since connections don't stop to prompt you for a username and password.

If key-based authentication is implemented properly, you'll still be prompted for a passphrase. The passphrase will be for the key itself. Authenticating with the key can be made transparent by using ssh-agent, which holds private keys used for public key authentication. The agent will ask for the passphrase when adding the key to the agent, but once that is done, there is no longer a need to continue to authenticate, as the agent functions as a repository for the key and passphrase.

IMO, using private keys without establishing a passphrase is a very bad practice. The implications aren't so bad if the key is isolated and the opportunity for theft of the key is minimal, but if you're keeping a private key that has no passphrase on, for instance, a USB fob, and that fob gets lost, stolen, or is out of your sight for extended amounts of time (maybe on your desk while at lunch or a similar scenario), trust has been lost.

I know of many people using keys but not establishing passphrases on those keys. I've also seen this in enterprise environments, where one unprotected key is being utilized with hundreds of machines. Admins typically (in my experience) tend to follow the path of least resistance and, in this case, this is definitely bad.

That's a good clarification.

Having to enter passphrases once after logging in doesn't break my flow at all, whilst login boxes popping up for each connection are a noticable distraction. It's very pleasant not to have that happen, so I'm a big fan of key-based authentication.