Think of SSH keys as encryption or cryptographic keys that is similar to passwords but does not need the manual input of character based passwords. In this method, a pair of keys is made prior to authentication – one private another public. The private key is obviously kept secret and is in the hands of the user while the public key can be shared with any user.
The first step in authentication is to broadcast the public key on a server. The moment any user connects to this server having the public key, the client is asked for a private key associated with the public key. Clients who can provide the specific secret private key are granted access and those who cannot are denied access.
Why Are They Secure?
SSH is entirely encrypted meaning that there is no way a malicious user can gain access to a server. With passwords, brute force attack is easy as it simply takes modern computing power and runs a number of possible answers until one clicks into place. But, with SSH authentication, you need not use password protection and thus bypass the possibility of brute force attacks. Moreover, because SSH keys contain more data than a menial password, the chances of cracking is significantly lower. Algorithms are used to make uncrackable keys.
Is It Hard to Implement?
No not at all. They are simple to set up on a Unix or Linux server. All you do is generate the pair of SSH keys on your device and then transfer the public key over to the server. That is it.