I am looking for the best of both worlds and am not sure that it is possible.
For SSH I have disabled root logins via the "PermitRootLogin no" option and am using key authentication to login to my user account and "su" to root if I need to. But what really want is to be able to login via sftp as root with key auth. I use WinSCP and due to how it logs in I am unable to "su" once connected. The kicker is that I still want to be able to keep the option to login via SSH and use standard passwords; basically I don't want to disable the option for password based logins.
Am I off my rocker here? I realize that key based auth with password based logins disabled is the best bet overall but sometimes I need to remote into the server when away from my system with the key on it.
I have tried searching with a few different terms with no joy. Any help or a nudge in the right direction is most appreciated.
Thanks in advance for any help