Handle security keys
# generate keypair on your LOCAL machine (https://help.ubuntu.com/community/SSH/OpenSSH/Keys)
ssh-keygen
# -t [dsa|ecdsa|ed25519|rsa|rsa1] specifies the encryption protocol
# -b [bits] specifies the key length
# -C "[label]" to make key human-identifiable
# when prompted for directory
~/.ssh/[keyname]
# enter passphrase for extra security
# restrict permissions otherwise an error is thrown
sudo chmod 700 ~/.ssh # 770 if keys are used by a group
sudo chmod 400 ~/.ssh/[keyname] # 440 if key is used by a group
sudo chmod 400 ~/.ssh/[keyname].pub # 440 if key is used by a group
# add public key to SERVER's ~/.ssh/authorized_keys
# set permissions otherwise keys WON'T WORK
sudo chmod 700 .ssh
sudo chmod 600 .ssh/authorized_keys
# if no home directory exists for the user, the location of authorized_keys can be changed in /etc/ssh/sshd_config
# for disabling non-keyed connections, edit /etc/ssh/sshd_config and add/edit the line
PasswordAuthentication no
# and restart
sudo service ssh restart