Install letsencrypt certificates

(while an active apache instance is running)
Use webserver default webroot to generate certificates before setting up vhosts for new domains.

​certbot certonly --webroot -w /var/www/html/ -d -d

SSH login via key file

create key pair and download the files (~/.ssh)

ssh-keygen -t rsa -b 2048

add public key to authorized keys /.ssh/authorized_key

cat >> ~/.ssh/authorized_keys

login from local machine

ssh -i /.ssh/keyfile