This is a short list, largely borrowed from digitalocean
Log in with your provided root credentials
Create a user (just hit enter and skip the info if you want)
Enable the user to use sudo
usermod -aG sudo username
Disable root SSH login
Modify the file like below. Pick a high port number between 1024 and 34627. Hit ctrl-x, ‘Y’ and finally hit enter to save.
Finally reboot and log in with the new settings
ssh email@example.com -p 12345
From now on we might need to use ‘sudo’ to run certain commands.
You might want to consider using a ssh key instead. As it is more secure.
[TODO] Insert that info.
If you do not use a external firewall you might want to use a software based one.
Check digital oceans guide for more details.
Here are some example commands
sudo ufw allow 12345
sudo ufw default deny incoming
sudo ufw default allow outgoing
sudo ufw enable
sudo ufw status
sudo ufw deny
sudo ufw status numbered
sudo ufw delete 2
sudo ufw delete allow OpenSSH
sudo ufw status verbose
sudo ufw reset
Lets reboot and check if everything is working with
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade