ssh keypairs secure from the point of authority. In the case of you logging into your account, the server’s job is to ask a question that only you can answer.
In the case of a password, the remote server doesn’t store your password either, it stores a derivative hash that can, in theory, only be generated using complex math + your password as an input. You are the only one that stores your actual password.
In the case of an ssh keypairs, it works very similarly. The public key allows the server to cryptographically ask a question that only the private key can generate an answer to correctly.
It is fundamentally the same secret exchange handshake as a password just with a few extra steps to make things more secure during automation. A password can be weak and guessable, an ssh key cannot (at least not any more than other keys of the same algorithm can).
ssh keypairs secure from the point of authority. In the case of you logging into your account, the server’s job is to ask a question that only you can answer.
In the case of a password, the remote server doesn’t store your password either, it stores a derivative hash that can, in theory, only be generated using complex math + your password as an input. You are the only one that stores your actual password.
In the case of an ssh keypairs, it works very similarly. The public key allows the server to cryptographically ask a question that only the private key can generate an answer to correctly.
It is fundamentally the same secret exchange handshake as a password just with a few extra steps to make things more secure during automation. A password can be weak and guessable, an ssh key cannot (at least not any more than other keys of the same algorithm can).