Young uses authentication based on SSH keys, so you'll not be using passwords to log into the machine. It works as follows:

• a key pair consists of a private and a public key
• the public key is on the server (in this case Thomas)
• the private key is on your computer
• when logging in, SSH will determine if your public key on the server matches the private key on your computer.

Therefore you need to keep your private key safe: if your computer gets compromised, the attackers may use your private key to gain access to Young or any other server which has your public key. It is strongly recommended that you use a passphrase to encrypt your private key - so even if your private key falls into the wrong hands, they won't be able to use it.

You may use an already existing SSH key pair, but if you don't have one, you'll have to create it.

In a command line terminal, run the following command:
ssh-keygen -t rsa
When asked for a passphrase, do not leave it blank. Once the command finishes, you'll find id_rsa (your private key) and id_rsa.pub (your public key) under ~/.ssh/. You can view the content of id_rsa.pub with your editor of choice or by running
cat ~/.ssh/id_rsa.pub
Simply copy and paste the characters to the SSH public key box.