Remote Authenticated Login on Linux with OpenSSH

OpenSSH

OpenSSH is a freely available version of the Secure Shell (SSH) protocol family of tools for remotely controlling, or transferring files between, computers.
OpenSSH provides a server daemon and client tools to facilitate secure, encrypted remote control and file transfer operations.

The OpenSSH server component, sshd, listens continuously for client connections from any of the client tools. When a connection request occurs, sshd sets up the correct connection depending on the type of client tool connecting. For example, if the remote computer is connecting with the ssh client application, the OpenSSH server sets up a remote control session after authentication. If a remote user connects to an OpenSSH server with scp, the OpenSSH server daemon initiates a secure copy of files between the server and client after authentication. OpenSSH can use many authentication methods, including plain password, public key, and Kerberos tickets.

Installation

sudo apt install openssh-client

sudo apt install openssh-server

Help

man sshd_config

Make a Copy of the original file

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original
sudo chmod a-w /etc/ssh/sshd_config.original

Restart the Service

sudo systemctl restart sshd.service

SSH Keys

SSH keys allow authentication between two hosts without the need of a password. SSH key authentication uses two keys, a private key and a public key.

To generate the keys, from a terminal prompt enter:

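ssh-keygen -t rsa

This will generate the keys using the RSA algorithm. During the process you will be prompted for a passphrase. Simply hit Enter when prompted to create the key; this leaves the private key without a passphrase, so the file ~/.ssh/id_rsa is stored unencrypted.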

By default the public key is saved in the file ~/.ssh/id_rsa.pub, while ~/.ssh/id_rsa is the private key. Now copy the id_rsa.pub file to the remote host and append it to ~/.ssh/authorized_keys:
ssh-copy-id usernameOfRemoteHost@remoteHostIP

If this succeeds, you'll see ~/.ssh/authorized_keys on the remote host.

Finally, double-check the permissions on the authorized_keys file: only the authenticated user should have read and write permissions. If the permissions are not correct, change them with:
chmod 600 .ssh/authorized_keys

The difference between ssh and sshd

The client is ssh, the daemon is sshd.

If you disable sshd, you won't be able to log in remotely, so you'd effectively be locked out of the service. sshd is what listens for an incoming connection.

If you disable ssh, you won't be able to use SSH to connect to other machines.

The OpenSSH server reads a configuration file when it is started. Usually this file is /etc/ssh/sshd_config, but the location can be changed using the -f command line option when starting sshd. Some organizations run multiple SSH servers at different port numbers, specifying a different configuration file for each server using this option.

https://www.ssh.com/ssh/sshd_config

Relationship of configuration files

The SSH server actually reads several configuration files. The sshd_config file specifies the locations of one or more host key files (mandatory) and the location of authorized_keys files for users. It may also refer to a number of other files.

SSH Server sshd -> sshd_config -> Host key -> authorized_keys

Common configuration options for individual use

Many individual developers and power users wish to maximize their convenience rather than go for maximum security. For such use, we recommend the following settings for homes, development servers, and universities.
For important systems, even such organizations should follow the guidelines for configuring enterprise servers.

X11Forwarding yes
AllowAgentForwarding yes
PermitRootLogin yes
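
To see where these convenience settings are actually in effect on a host, the following added example (not part of the original article or of OpenSSH) scans an sshd_config and reports each place one of the three keywords is set to yes, taking into account that sshd uses the first value it reads for a keyword. The function names audit_sshd_config and sample_config and the sample configuration are constructed for illustration; files pulled in with Include are not followed.

```shell
#!/bin/sh
# Added example: report where the convenience settings from this section
# are enabled in an sshd_config. Function names are hypothetical.

# Constructed sample input, not taken from a real host.
sample_config() {
    cat <<'EOF'
# constructed sample
X11Forwarding yes
PermitRootLogin yes
# sshd keeps the first value it reads, so the next line changes nothing
PermitRootLogin no
allowagentforwarding no
Match User deploy
    AllowAgentForwarding yes
EOF
}

# Usage: audit_sshd_config [FILE...]   (reads stdin when no file is given)
# Prints: line number, scope, and the setting, tab-separated.
audit_sshd_config() {
    awk '
    BEGIN {
        scope = "global"
        flag["x11forwarding"] = "yes"
        flag["allowagentforwarding"] = "yes"
        flag["permitrootlogin"] = "yes"
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
    {
        line = $0
        sub(/^[ \t]+/, "", line)
        split(line, f, /[ \t=]+/)
        key = tolower(f[1])                # keywords are case-insensitive
        if (key == "match") { scope = line; next }   # conditional block starts
        if (!(key in flag) || ((scope, key) in seen)) next
        seen[scope, key] = 1               # only the first value per scope counts
        if (f[2] == flag[key]) printf "%d\t%s\t%s %s\n", FNR, scope, f[1], f[2]
    }' "$@"
}

sample_config | audit_sshd_config
```

Run it against a real file with audit_sshd_config /etc/ssh/sshd_config; no output means none of the three keywords is explicitly set to yes in that file.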

Useful Resources

https://www.openssh.com/

https://ubuntu.com/server/docs/service-openssh

https://help.ubuntu.com/community/SSH/OpenSSH/Configuring

https://help.ubuntu.com/community/SSH/OpenSSH/Keys

https://help.ubuntu.com/community/SSH/OpenSSH/Advanced
