Benefits of passwordless login with SSH keys
If your VPS/Dedicated server is visible over the Internet, you should use public key authentication instead of passwords, if at all possible. This is because SSH keys provide a more secure way of logging in compared to using a password alone. While a password can eventually be cracked with a brute-force attack, SSH keys are nearly impossible to decipher by brute force alone. With public key authentication, every computer has (i) a public and (ii) a private "key" (a mathematically linked pair that is effectively impossible to crack).
Set up SSH keys on your Windows computer/laptop using PuTTYgen
Step 1: Download PuTTYgen from the maintainer's website.
Scroll down until you find puttygen.exe and download either the 32-bit or the 64-bit version.
Step 2: Start PuTTYgen by double-clicking its icon
Step 3: From the top menu, click "Key" and select "SSH-2 RSA", then in the bottom-right box change the number 2048 to 4096
Step 4: Click the "Generate" button
Step 5: Move your mouse pointer around in the blank area of the Key section, below the progress bar (to generate some randomness), until the progress bar is full
Step 6: Click the "Save public key" button and choose whatever filename you'd like (some users create a folder on their computer named my_keys)
Step 7: Click the "Save private key" button and choose whatever filename you'd like
NOTE! Both public and private files will have to stay on your computer, do not delete them.
Step 8: Right-click in the text field labeled "Public key for pasting into OpenSSH authorized_keys file" and choose Select All, then right-click again and choose Copy
Step 9: Log in to your VPS or Dedicated server
Step 10: Run the following commands:
mkdir -p ~/.ssh
touch ~/.ssh/authorized_keys
chmod 0700 ~/.ssh
chmod 0644 ~/.ssh/authorized_keys
Step 11: Paste the SSH public key which you copied in step 8 into your ~/.ssh/authorized_keys file
Let's set up PuTTY on your Windows computer/laptop
Step 1: Start PuTTY by double-clicking its executable file
Step 2: PuTTY's initial window is the Session category (you navigate PuTTY's various categories along the left-hand side of the window)
Step 3: In the Host Name field, enter the IP address of your VPS or its fully qualified domain name (FQDN)
Step 4: Enter the port number in the Port field (for added security, consider changing your server's SSH port to a non-standard port)
Step 5: Along the left-hand side of the window, select the Data sub-category, under Connection
Step 6: In the Auto-login username field, specify the username that you plan on using when logging in to the SSH server, and whose profile you're saving
Step 7: Expand the SSH sub-category, under Connection
Step 8: Highlight the Auth sub-category and click the Browse button, on the right-hand side of the PuTTY window
Step 9: Browse your file system and select your previously created private key
Step 10: Return to the Session category and enter a name for this profile in the Saved Sessions field, e.g. [email protected] or [email protected]
Step 11: Click the Save button
Now you can go ahead and log in to your server and you will not be prompted for a password.
Finally, let's disable username/password login on your VPS/dedicated server
Step 1: Open /etc/ssh/sshd_config
Step 2: Change both the "PasswordAuthentication" and "UsePAM" options to "no"
Step 3: Restart your SSH server, using whichever of these commands your distribution provides:
service sshd restart
sudo reload ssh
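A pre-restart check for the procedure above, as an added example that is not part of the original page: it confirms that a usable key is installed and reports the values sshd will actually apply, so that disabling passwords does not lock you out. The function names are hypothetical and the demo input is constructed.

```shell
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# Effective global value of an sshd_config keyword: sshd keeps the FIRST
# occurrence, keywords are case-insensitive, and anything after a "Match"
# line is conditional, so parsing stops there. "Include" is not followed.
effective_value() {  # usage: effective_value KEYWORD FILE
    awk -v want="$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" '
        NF == 0 || $1 ~ /^#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == want { print tolower($2); exit }
    ' "$2"
}

# Count lines that look like one-line OpenSSH public keys (what step 8 copies).
# The file written by "Save public key" starts with "---- BEGIN SSH2 PUBLIC KEY ----"
# and is not counted. Lines with leading options are not recognized (limitation).
count_openssh_keys() {  # usage: count_openssh_keys FILE
    [ -r "$1" ] || { echo 0; return 0; }
    grep -Ec '^(ssh-rsa|ssh-ed25519|ecdsa-sha2-nistp(256|384|521)) AAAA[A-Za-z0-9+/]+=*( .*)?$' "$1" || true
}

# Print any of the given paths that group or others can write to; sshd's
# StrictModes (on by default) refuses keys kept in such files or directories.
writable_by_others() {  # usage: writable_by_others PATH...
    find "$@" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null || true
}

# Return 0 only if a key is installed and permissions are tight; always print
# the effective values of the two options the page changes.
lockout_check() {  # usage: lockout_check SSHD_CONFIG AUTHORIZED_KEYS
    rc=0
    [ "$(count_openssh_keys "$2")" -ge 1 ] || { echo "FAIL: no usable key in $2"; rc=1; }
    loose=$(writable_by_others "$(dirname "$2")" "$2")
    [ -z "$loose" ] || { echo "FAIL: group/world-writable: $loose"; rc=1; }
    for kw in PasswordAuthentication UsePAM; do
        echo "$kw = $(effective_value "$kw" "$1")"
    done
    return "$rc"
}

# Demo on constructed input (not a real key or config): sh thisfile --demo
if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d); mkdir -m 700 "$d/.ssh"; ak="$d/.ssh/authorized_keys"
    printf '%s\n' '#PasswordAuthentication yes' 'PasswordAuthentication no' 'UsePAM no' > "$d/sshd_config"
    echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABconstructed rsa-key-constructed' > "$ak"; chmod 0644 "$ak"
    lockout_check "$d/sshd_config" "$ak"; rm -rf "$d"
fi
```

On the server, call `lockout_check /etc/ssh/sshd_config ~/.ssh/authorized_keys` and run `sshd -t` to validate the file's syntax before restarting. Keep your current session open until a new key-based login has succeeded.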