Interesting dilemma. I always have started with the fresh Ubuntu server as recommended, and I follow the usual DigitalOcean tuts ('cause I always forget) to tightening up SSH, disallowing root login, BUT I do create a second sudo user, and set up SSH to allow logins only by key, no passwords. Then, when I install Cloudron while logged in with the root user, it all goes well, root can't login, but my secondary sudo user still can. Maybe it was the name you choose? In reading your steps, I don't see that you did anything particular to the SSH service. So perhaps when Cloudron gets installed it does something which takes precedence over your non-steps, locking that user out. In my /home directory there is root, yellowtent and secondarysudouser. I suggest setting up your SSH service first, then install Cloudron.