Best practices with SSH root user and backing up SSH keys
Hey, I had a question about this. I have a lot of random idling VPSes and some servers, and for a lot of them I just have the root login because I'm the only one that accesses the server. On some of those I will SSH in by key (turning off password login) and then log into another local user on there and sudo, and some of them not. In this scenario, where it's just me, does it really matter if I disable SSHing in as root?
I also had a question about private SSH keys. I have passwords on my SSH keys, but I don't have a good sense of how to back these up securely, and it's a hassle to regenerate them when I get locked out. What are the best practices for storing private SSH keys? I could put some on a physical USB key, maybe with an encrypted volume on top of that? Or is just a good password on them enough? For sure I don't want to store any of these in any kind of cloud storage, but physical access, like a random USB key lying around or that I have on me, makes me a little nervous too.