I am trying to tighten up security on my server after recent attacks left our server as a spam zombie. There are several issues cropping up, though, and I need help finding a solution. When we used to log in to our server, we would do it with password authentication and the whole shebang. Now I've disabled that option, leaving us only able to connect to the server using ssh-keys. The ssh-keys (generated through WHM) log me in directly as root. I created a new user so that this user would be the one people log in to, and if changes need to be made then we can just do -su.
Here are the issues I am having:
(1) I don't know how to create an SSH key that would log in as this user instead of as root.
(2) I can su to the new user as root, but if I try to su back to root it will not allow me to: "bash: /bin/su: Permission denied". If I choose exit, though, it brings me back to root. So I guess I'm opening a bash within bash... I guess I would have to chmod su to drwxr-x--- ?
(3) And third, well, it's very nice having this user, but since it is a limited user it can't see beyond its own home folder. If I want to use this user to look at what is going on in the server without being able to execute commands, I would need to be able to do so.
Please help on any of the above.
