I changed the SSH port in webmin to a different one from default, disallowed authentication by password, and have a key in authorized_keys, and disallowed root login. However,
port 22 still works (new port doesnt)
can log in with just password
root can still ssh