I would jump right in with disabling ssh password logins also, whether a non-root-user is created or not.
For headless installs, the same place you add a root or user password (does such a place exist?) should be extended to add a public key.