I needed to script some SCP operations, so I used ssh-keygen and ssh-copy-id to allow me to run it without entering a password every time.
However, SSH now works without a password, too: I can just SSH to the server and it will log me right in. I don't need SSH itself to work without a password, so for security practices I'd like to disable that.
I'm certainly missing something obvious, but how can I make it so that the shared key is used only for SCP but SSH will still require a password?
