So far, we have been using password-based authentication to gain access to our server; this is cumbersome and insecure, as malicious parties can gain access to your server simply by guessing your password. It's better to use public key authentication, which has the following benefits:
- Infeasible to guess: Passwords tend to have a number of common patterns (for example, abcd1234 or password), whereas SSH keys look like gibberish and are hard to brute-force
- Manageable: ssh-agent is a program that holds private keys so that you don't have to remember your passwords