A password is a secret you type. An SSH key is a secret you never send. That gap is the whole reason key-based login beats passwords, and Day 7 was where I set it up properly instead of halfway.
One Linux task, one AWS task. Configure passwordless SSH with a key pair, and change the type of an existing EC2 instance. Both are routine. Both have one detail that turns routine into broken if you skip it. The tasks come from the KodeKloud Engineer platform, the same as the rest of this series.
SSH keys: log in without ever sending a secret
Key-based SSH uses a pair. A private key that stays on your machine and never leaves it, and a public key you can hand out freely. The server keeps the public key, and when you connect, the two sides prove they match without the private key ever crossing the wire. A password does the opposite, it gets sent to the server on every login, which is one more thing that can be captured, guessed, or brute-forced.
Start by generating the pair on your own machine:






