The advantages of using SSH key-based include:
Clearly use of unique password encrypted keys gives best security. However if a user has access to you terminal and user password they effectively have full system access anyway.
The use of sudo should not be necessary as the keys created should be user based.
The ssh-keygen command is used to create ssh key pairs
Use man ssh-keygen to see options and description of command.
ssh-keygen creates a SSH key pair. The defaults are:/homeuser/.ssh/home/user/.ssh/id_rsa/home/user/.ssh/id_rsa.pubssh-keygen -f .ssh/key-with-password creates a SSH key with non-default name and location. The defaults are:/home/user/.ssh/key-with-password/home/user/.ssh/key-with-password.pubDuring further SSH key pair generation, if you do not specify a unique file name, you are prompted for permission to overwrite the existing id_rsa and id_rsa.pub files. If you overwrite the existing id_rsa and id_rsa.pub files, you must then replace the old public key with the new one on ALL of the SSH servers that have your old public key.
Once you have generated the keys, they are stored in the /user/home/.ssh/ directory with the following permissions:
Some examples:
ssh-copy-id -i .ssh/key-with-pass.pub user@destination generic examplessh-copy-id -i .ssh/id-rsa.pub john.doe@192.168.0.1 Will copy the default created id_rsa.pub key to IP 192.168.0.1 for user john.doeThe remote ssh will ask for remote shell password.
Use man ssh–copy-id to see options and description of command.