Should be obvious, but check;
PasswordAuthentication no PermitRootLogin no
Pubkey must be present in ~/.ssh/authorized_keys after the next step. Use ssh-copy-id from remote terminal (i.e ssh-copy-id user@host) for a handy automated way to share a key properly. Always test by connecting to remote host and checking that authentication with private key is used with success. Putty terminal should look something like;
Test the config before you restart the daemon and irreversibly lock yourself out. Debian / Raspbian tested (other distro’s use “which sshd” to see path to sshd binary, or possibly simply ‘sshd -t’ may work
sudo /usr/sbin/sshd -t
Anything other than nil response = danger.
Restart sshd when happy.
Firefox allows layer 7 proxy configuration, Chrome passes the buck to layer 6 meaning all connections will break and reconnect via tunnel.