Security

Create user with sudo and disable root.

adduser <username>

add to sudoers
usermod -aG sudo username
(-a means append user account and -G specifies a group to add the user to)

# check (use – or -l to get non-root shell)
su - username

then do something to check sudo ok
sudo apt update

check new user can login via ssh! Then
sudo vim /etc/ssh/sshd_config
uncomment PermitRootLogin and set its vallue to no.
(if vim doesn’t like you, install nano and use that instead).
save and close, then restart sshd
sudo service sshd restart