all following changes was made in
sshd_config and you need root permission to do this. Open file with
sudo nano /etc/ssh/sshd_config or any other editor.
Disable root access
Before you do this step, make sure you have another user that is in
sudo gorup. Check Initial Server Setup on Cloud Services post if you need help with that.
sshd_config file and find and uncomment following line
# ... PermitRootLogin no # ...
Save this file and restart ssh server
sudo systemctl restart ssh
From now on, you will not be able to connect to your server with
Disable password access
It is good security practice to enable access to your SSH server only with certificates. To set-up this feature check Settig Up SSH Keys for Ubuntu post.
Do not forget your password as you will need it when you trying to run commands in as privileged user.
Enable password Authentication for specific users
In certain situations you will need to enable password authentication for specific users.
Check Initial Server Setup on Cloud Services post if you need help with creating new user.
Do not adding this user to
sudo group because you weakening your security. My advice is to enable this feature if your need it really only for non root users and only for specific users.
To enable it edit
sshd_config file and add following lines at the end of file
Match User mia PasswordAuthentication yes
This will allow to user
mia to login with her password but other users will need certificate for login.