Stop logging in as root
Generally you don't want to log in as root, and you should avoid it.
On default Ubuntu installs the root account has no password, so you can't log in as root.
It's better to use SSH keys for login, and DigitalOcean provides methods for this, but without SSH keys you'll log in as root.
You can disable SSH access for root, but that requires a second account.
Create a new account
sudo or be root first, then
This user will need sudo permissions, so edit and add a line here:
# User privilege specification
root ALL=(ALL:ALL) ALL
jane ALL=(ALL:ALL) ALL
Log in as the new account
Log out and log back in via SSH as the new account, before making any other changes. Verify that you still have remote access and can sudo as you expect.
Disable Root SSH Login
Turn off root logins
Turn off passwords (in favor of SSH keys)
Restart the sshd service
service ssh restart
Verify that root is no longer allowed
Try to log in again via SSH as root; you shouldn't be able to.
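A check for the two settings turned off above, which can be run on a config file before restarting sshd. This is an added example, not part of the original page. It assumes the settings are the `PermitRootLogin` and `PasswordAuthentication` directives of sshd_config; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an sshd_config-style file for root and password logins.
# sshd uses the FIRST value it reads for a keyword, so a later
# "PermitRootLogin no" does not override an earlier "PermitRootLogin yes".

# Print the global value of keyword $2 in file $1 (lowercased), or nothing if
# unset. Include files and Match blocks are not evaluated (simplification).
sshd_effective() {
    awk -v want="$2" '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        tolower($1) == "match" { exit }    # global section ends here
        tolower($1) == tolower(want) { print tolower($2); exit }
    ' "$1"
}

# Return 0 only if both settings are explicitly "no"; report each one.
check_hardening() {
    rc=0
    for kw in PermitRootLogin PasswordAuthentication; do
        val=$(sshd_effective "$1" "$kw")
        if [ "$val" = "no" ]; then
            echo "ok:   $kw no"
        else
            echo "FAIL: $kw is '${val:-unset}'"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample configs (not taken from the page).
SAMPLES=$(mktemp -d)
cat > "$SAMPLES/hardened" <<'EOF'
PermitRootLogin no
PasswordAuthentication no
EOF
cat > "$SAMPLES/shadowed" <<'EOF'
PermitRootLogin yes
PasswordAuthentication no
# Constructed mistake: appended later, but the earlier "yes" still wins.
PermitRootLogin no
EOF

for f in hardened shadowed; do
    echo "== $f"
    check_hardening "$SAMPLES/$f" || echo "-> $f still permits a login path"
done
```

On a live host, `sshd -t` checks the configuration for syntax errors and `sshd -T` prints the effective settings, including any Include files this sketch skips.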
You've reduced the login attack surface considerably, since "root" is no longer a valid username to log in with via SSH. And that's the most common point of attack.