How to create ssh keys + .ppk for login to server without password, protection against ssh bruteforce
To prevent bruteforce of ssh against your server, you should disable password login and create ssh keys and change ssh port and create new user instead of root. In your local Linux, make new folder, for example berlin:
make ~/.ssh/berlin
sudo ssh-keygen -t ed25519 -C "your-email@yahoo.com" -f ~/.ssh/berlin/id_ed25519
-f will avoid prompt: Enter file in which to save the key (/home/user/.ssh/berlin/id_ed25519):
Then it will ask for a passphrase.
This creates two files:
~/.ssh/berlin/id_ed25519 → private key (keep this safe!)
~/.ssh/berlin/id_ed25519.pub → public key (to copy to your server)
set key permissions (important!)
sudo chmod 700 ~/.ssh
sudo chmod 600 ~/.ssh/berlin/id_ed25519
sudo chmod 644 ~/.ssh/berlin/id_ed25519.pub