If you've ever managed or logged into a web server and never set up SSH keys, it's because you don't yet know the real risks of a break-in — and that's okay. Until you find out what can happen.
Logging into a server over SSH with a username and password is like locking the front door of a house that faces the street, with nobody keeping watch. Anyone can try as many combinations as they want, freely.
And setting this up takes almost as much time as typing a username and password — and it makes getting into the server much faster and easier afterwards.
Ignorant of best practices, I managed my servers for a long time by typing:
ssh user@server-ip






