all following changes was made in sshd_config and you need root permission to do this. Open file with sudo nano /etc/ssh/sshd_config or any other editor.

Disable root access

Before you do this step, make sure you have another user that is in sudo gorup. Check Initial Server Setup on Cloud Services post if you need help with that.

Now open sshd_config file and find and uncomment following line

# ...
PermitRootLogin no
# ...

Save this file and restart ssh server

sudo systemctl restart ssh

From now on, you will not be able to connect to your server with root user.

Disable password access

It is good security practice to enable access to your SSH server only with certificates. To set-up this feature check Settig Up SSH Keys for Ubuntu post.

Do not forget your password as you will need it when you trying to run commands in as privileged user.

Enable password Authentication for specific users

In certain situations you will need to enable password authentication for specific users.

Check Initial Server Setup on Cloud Services post if you need help with creating new user.

Do not adding this user to sudo group because you weakening your security. My advice is to enable this feature if your need it really only for non root users and only for specific users.

To enable it edit sshd_config file and add following lines at the end of file

Match User mia
  PasswordAuthentication yes

This will allow to user mia to login with her password but other users will need certificate for login.