07-02-2018, 02:09 AM
(07-01-2018, 09:02 AM)Hidden Refuge Wrote: I see that in the first pictures SSH2-RSA with a key length of 1024 bits is used, which seems to be the default in PuTTYGen. So nothing to blame on you here.
SSH2-RSA is also fine, while SSH1-RSA should be avoided at all cost due to massive security flaws in the outdated SSH1 protocol (I wonder why it is even STILL included in SSH clients and tools after so many years). Nowadays I would strictly recommend using at least a 2048-bit key length, or going even higher to values such as 4096 bits, 8192 bits, etc. Oh, SSH2-DSA is also fine.
Thanks for the valuable feedback @"Hidden Refuge". I've never really looked properly at the above - I always just went for the default settings. If I may ask, can I put 8192 bits in that empty box at the bottom when I generate a key? With RSA? It will probably take very long, but I don't mind taking more time to generate the key.
(07-01-2018, 09:02 AM)Hidden Refuge Wrote: A small note regarding adding SSH keys to the necessary files on Linux. Always use the SSH format like in PuTTYGen and be careful with formatting. If for whatever reason the format is wrong or the formatting of the key is broken by something as simple as a line break... well, you will lock yourself out of your own server because SSH cannot recognize the public key and match it to the provided private key. BE CAREFUL!
It really worried me yesterday when I disabled password authentication for logging in. I'm usually careful, but if the worst should happen I've made my peace with it: I'll just have to reload the OS again. I doubt, however, that I'll disable password authentication on a VPS that I don't have a user panel for - only on one where I have a greater measure of control over the outcome. I've always hesitated to use keys for this very reason, worrying that something would happen to corrupt them. In this particular case, where I felt I got more bad login attempts than I should have for the type of VPS and websites I have, the end for me more than justified the means.
What I found interesting too is that there is a tiny portion of the public key right at the beginning of the key - ssh-rsa - that one copies and pastes to one's VPS that isn't really part of the actual key. More like a heading? I had to think whether to include it for a few seconds until I understood that I had to include absolutely everything that was in the Public Key field for pasting to the VPS.
(07-01-2018, 09:02 AM)Hidden Refuge Wrote: One last thing. At the end you set "passwordauthentication yes" to "passwordauthentication no", which is absolutely correct. However, there are a few other things that should at least be reviewed when editing sshd_config for SSH key authorized login.
- Uncomment (if commented) "PermitRootLogin yes" and set it to "PermitRootLogin without-password" to allow root to log in with SSH key authorization. In this case be sure you added your public key to the authorized_keys on the root user profile, too!
- Uncomment (if commented) "RSAAuthentication yes" to allow RSA keys. If it is set to no, set it to yes.
- Uncomment (if commented) "PubkeyAuthentication yes" to actually enable the public key authentication feature. Set it to yes if it is set to no.
- Uncomment (if commented) "AuthorizedKeysFile .ssh/authorized_keys" to set the default path for the authorized_keys file to the .ssh folder inside the user home folder.
Thanks very much for this tip - all of your feedback has been very educational and detailed. Most helpful, as per always!
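The lock-out risk discussed above (a public key pasted with a stray line break, or without its "ssh-rsa" prefix) comes down to whether sshd can parse each authorized_keys line, and the 1024- vs 2048-bit question comes down to the modulus inside that line. The following checker is an added example written for this thread, not code from PuTTY, OpenSSH or any poster; it parses an ssh-rsa authorized_keys line the way sshd must (type word, base64 blob whose wire format repeats the type, then the exponent and modulus), and the sample lines it tests are built around constructed moduli, not real keys.

```python
import base64
import binascii
import struct

def _string(data):
    """Encode one SSH wire-format string: uint32 big-endian length + bytes."""
    return struct.pack(">I", len(data)) + data

def _mpint(value):
    """Encode a positive integer as an SSH mpint (adds a 0x00 when the high bit is set)."""
    return _string(value.to_bytes((value.bit_length() + 8) // 8, "big"))

def _read_string(blob, pos):
    """Decode one wire-format string at pos; raises struct.error if the header is cut."""
    (length,) = struct.unpack(">I", blob[pos:pos + 4])
    return blob[pos + 4:pos + 4 + length], pos + 4 + length

def make_rsa_line(n, e=65537, comment="constructed"):
    """Build an authorized_keys line around a CONSTRUCTED modulus n (not a real key)."""
    blob = _string(b"ssh-rsa") + _mpint(e) + _mpint(n)
    return "ssh-rsa %s %s" % (base64.b64encode(blob).decode(), comment)

def check_authorized_key(line, min_bits=2048):
    """Return (ok, detail) for one "<type> <base64 blob> [comment]" line."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        return False, "missing '<type> <blob>' fields (line split by a newline?)"
    key_type, b64 = parts[0], parts[1]
    if key_type != "ssh-rsa":  # only the type shown in the thread is handled here
        return False, "unexpected key type %r (is the 'ssh-rsa' prefix missing?)" % key_type
    try:
        blob = base64.b64decode(b64, validate=True)
    except binascii.Error:
        return False, "blob is not valid base64 (truncated or wrapped?)"
    try:
        wire_type, pos = _read_string(blob, 0)
        _e, pos = _read_string(blob, pos)      # public exponent
        n, pos = _read_string(blob, pos)       # modulus
    except struct.error:
        return False, "blob is truncated inside a length header"
    if wire_type != b"ssh-rsa":
        return False, "blob type %r does not match the ssh-rsa prefix" % wire_type
    if pos != len(blob):
        return False, "blob length does not match its fields (truncated or extra data)"
    bits = int.from_bytes(n, "big").bit_length()
    if bits < min_bits:
        return False, "ssh-rsa key is only %d bits; regenerate with at least %d" % (bits, min_bits)
    return True, "ssh-rsa key, %d bits" % bits
```

Run it over every line of `~/.ssh/authorized_keys` before turning `PasswordAuthentication` off; a line that fails here is one sshd will silently skip.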