Install letsencrypt certificates

(while an active apache instance is running)
Use webserver default webroot to generate certificates before setting up vhosts for new domains.

​certbot certonly --webroot -w /var/www/html/ -d example.com -d www.example.com

SSH login via key file

create key pair and download the files (~/.ssh)

ssh-keygen -t rsa -b 2048

add public key to authorized keys /.ssh/authorized_key

cat key.pub >> ~/.ssh/authorized_keys

login from local machine

ssh user@example.com -i /.ssh/keyfile