disable password authentication for sshd

This is considered good practice for any linux platform that has publicly addressable interfaces... Of course you will need to setup PKI public/private keys for any secure login. I am not suggesting that you turn off authentication entirely !
I had a VPS linux host out there untended for a while, and the hackers find it irresistible - there were 11,000+ authentication failures in the logs.

To stop password authentication by sshd, just add these entries to your /etc/sh/sshd_config file:
ChallengeResponseAuthentication no PasswordAuthentication no UsePAM no