To login to a remote server from a runner, we can use a generated SSH key. The SSH key have to be pushed to the repository.
We can also store the username and password as a Variable (http://docs.gitlab.com/ce/ci/variables/README.html) and access them from the runner through environment variables.
From these two, what is the most secure method?