Constructing a key pair for remote connections between a Linux server and client

Keywords: Linux ssh MySQL


Client: 192.168.1.10, user zhangsan
Server: 192.168.1.20, user lisi
Create the key pair on the client:

[zhangsan@localhost /]$ ssh-keygen -t ecdsa         # -t specifies the key algorithm type, such as ecdsa or dsa
Generating public/private ecdsa key pair.
Enter file in which to save the key (/home/zhangsan/.ssh/id_ecdsa):     # Specify the private key location
Created directory '/home/zhangsan/.ssh'.
Enter passphrase (empty for no passphrase):             # Set the passphrase for the private key
Enter same passphrase again:                            # Confirm the passphrase
Your identification has been saved in /home/zhangsan/.ssh/id_ecdsa.
Your public key has been saved in /home/zhangsan/.ssh/id_ecdsa.pub.
The key fingerprint is:
81:3b:35:3b:8f:12:60:ba:f5:68:57:b0:ae:35:2c:fe zhangsan@localhost.localdomain
The key's randomart image is:
+--[ECDSA  256]---+
|                 |
|       .         |
|    o o +        |
|   o . = +       |
|  . . = S        |                                      # Generally speaking, the string on the left is correct.
|   o = + +       |
|  . + O . .      |
|   o = o         |
|    o.E          |
+-----------------+

The passphrase protects the private key file, and the correct passphrase must be entered whenever a remote connection is made. If no passphrase is set, the connection logs in without prompting for any password, which is not recommended.
Generally there are four steps: the key pair is created on the client, the public key is uploaded to the server, the public key text is imported on the server, and key authentication is then used from the client.
The second and third steps can also be done in another way, with ssh-copy-id:

[zhangsan@localhost /]$ ssh-copy-id -i ~/.ssh/id_ecdsa.pub lisi@192.168.1.20 -p 2345                         # -i specifies the public key file
The authenticity of host '[192.168.1.20]:2345 ([192.168.1.20]:2345)' can't be established.
ECDSA key fingerprint is 68:df:0f:ac:c7:75:df:02:88:7d:36:6a:1a:ae:27:23.
Are you sure you want to continue connecting (yes/no)? yes
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
lisi@192.168.1.20's password:           # After lisi's password is verified, the public key is appended to ~/.ssh/authorized_keys in lisi's home directory

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p '2345' 'lisi@192.168.1.20'"
and check to make sure that only the key(s) you wanted were added.
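
The second and third steps done by hand on the server, which is roughly what ssh-copy-id automates, shown as an added example that is not part of the original post. install_pubkey is a hypothetical helper name, and the key line in the demo is constructed.

```shell
#!/bin/sh
# Added example: server-side import of a public key, done by hand.
# install_pubkey is a hypothetical helper, not part of OpenSSH.
# Usage: install_pubkey PUBKEY_FILE HOME_DIR  (prints "added" or "present")
install_pubkey() {
    pubkey_file=$1
    ssh_dir=$2/.ssh
    auth_file=$ssh_dir/authorized_keys

    # Accept exactly one line that starts like an OpenSSH public key, so a
    # private key or a multi-line file is never appended by mistake.
    [ -r "$pubkey_file" ] || { echo "cannot read $pubkey_file" >&2; return 1; }
    [ "$(grep -c '' "$pubkey_file")" -eq 1 ] || { echo "expected one key line" >&2; return 1; }
    key_line=$(cat "$pubkey_file")
    case $key_line in
        ecdsa-sha2-nistp*\ *|ssh-ed25519\ *|ssh-rsa\ *) ;;
        *) echo "not an OpenSSH public key line" >&2; return 1 ;;
    esac

    # With sshd's default StrictModes, authorized_keys is ignored when ~/.ssh
    # or the file is writable by group or others, so keep both owner-only.
    ( umask 077; mkdir -p "$ssh_dir" && touch "$auth_file" ) || return 1
    chmod 700 "$ssh_dir" || return 1
    chmod 600 "$auth_file" || return 1

    # Idempotent: append only when this exact line is not already present.
    if grep -qxF -- "$key_line" "$auth_file"; then
        echo present
    else
        printf '%s\n' "$key_line" >> "$auth_file" && echo added
    fi
}

# Demo in a throwaway directory; the key line is constructed, not a real key.
demo=$(mktemp -d)
printf '%s\n' 'ecdsa-sha2-nistp256 AAAAE2VjZHNhCONSTRUCTEDSAMPLE zhangsan@localhost.localdomain' > "$demo/id_ecdsa.pub"
install_pubkey "$demo/id_ecdsa.pub" "$demo/lisi"    # prints: added
install_pubkey "$demo/id_ecdsa.pub" "$demo/lisi"    # prints: present
ls -ld "$demo/lisi/.ssh" "$demo/lisi/.ssh/authorized_keys"
rm -rf "$demo"
```

On a real server the function would be run as lisi with HOME_DIR set to lisi's home directory, so that the files are also owned by lisi.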

Verify that login with the key pair works:

[zhangsan@localhost /]$ ssh -p 2345 lisi@192.168.1.20
Enter passphrase for key '/home/zhangsan/.ssh/id_ecdsa':        # Enter the private key passphrase here; lisi's password is not needed.
Last login: Fri Aug 16 18:19:48 2019 from 192.168.1.10
[lisi@mysql ~]$ 

Posted by jack_wetson on Fri, 04 Oct 2019 18:03:27 -0700