This function is useful for authenticating website clients against local (or remote) Unix users.
I'd played around with Apache+PAM, various mod_auths and homebrewed shell programs and even NIS, but to authenticate a user against a Unix shadow file fundamentally requires root priviledges, so either your PHP script needs root or an external program needs it's sticky bit set. Both of these have *serious* security implications.
Using SSH, the overhead is obviously going to be greater but you're trusting a root service that's been (and continues to be) really well tested. Just try authing with SSH against localhost (or another host if you want).