enhances security using cryptographic keys instead of passwords for accessing remote systems, ensuring a more secure and efficient login process.

Client#

Key Generation#

generate a key pair with ssh-keygen.

and chose if you want a passphrase

after import the public key to the server with ssh-copy-id <username>@<host>

and put the password for the last time

Configuration#

Here is the $HOME/.ssh/config{: .filepath}.

Host <name>
    HostName <host>
    HostKeyAlgorithms +ssh-rsa
    Port <port> # neded only if port != 22
    User <username>

after you can simply ssh <name>

Server#

Keypair Only Authentication#

change in /etc/ssh/sshd_config{: .filepath}.

And Use Keypair Authentication#

PasswordAuthentication no

Or Force Only Root#

PermitRootLogin prohibit-password

Additionaly Disale Password Authentication Module#

UsePAM no

and after restart it with sudo systemctl restart ssh