Thanks so very much for all the hard work. Immense.
Upon using dietpi-software to convert to full logs, I noticed this:
mkdir -p /mnt/dietpi_userdata/Music /mnt/dietpi_userdata/Pictures /mnt/dietpi_userdata/Video /mnt/dietpi_userdata/downloads /var/www /opt
Three folders appear unnecessary to me so might want to clear those, but the /var/www kinda worries me a tad as I would prefer to have zero web server software exposed / installed for security reasons.
Appreciate my concerns may be unfounded but when users can only express a Webserver Preference without a None option, and there is no reference to uninstalling on the excellent web stack documentation page, thought it might be reasonable to ask this question.
Appreciate there may inadvertently be software I have chosen that requires a web server, but I am unsure what that might be, if there is one at all.
Thanks again for all the DietPi hard work. I can imagine what this involves, but expect I am imagining only a small percentage of the effort. Factoring this in, I am trying to avoid spurious posts.
Hi,
let’s try to answer your questions one by one
mkdir -p /mnt/dietpi_userdata/Music /mnt/dietpi_userdata/Pictures /mnt/dietpi_userdata/Video /mnt/dietpi_userdata/downloads /var/www /opt
This is to ensure our default folder being available as we need them for a couple of applications. This doesn’t mean any software will be installed. Usually they are empty.
Three folders appear unnecessary to me so might want to clear those, but the /var/www kinda worries me a tad as I would prefer to have zero web server software exposed / installed for security reasons.
Same as above, this is just a default folder being empty if no web server has been installed. The availability of the folder doesn’t mean any web server is installed/available. By default DietPi will start without additional software and nothing will be installed not actively selected.
Appreciate my concerns may be unfounded but when users can only express a Webserver Preference without a None option, and there is no reference to uninstalling on the excellent web stack documentation page, thought it might be reasonable to ask this question.
By default DietPi will start without additional software and nothing will be installed not actively selected. This applies for the web server as well. The Webserver Preference is what the word stand for. It’s a Preference only and not an install option. These preference will be used if you install an application that require a web server. It doesn’t mean a web server will be installed right from the beginning. Therefor an option none doesn’t make any sense 
Appreciate there may inadvertently be software I have chosen that requires a web server, but I am unsure what that might be, if there is one at all.
Just share your installed software and we could have a look if there is any which require a web server
dietpi-software list | grep "| =2 |"
Thanks Joulinar
Looks like I’m in the clear:
ID 0 | =2 | OpenSSH Client: Feature-rich SSH, SFTP and SCP client |
ID 73 | =2 | Fail2Ban: prevents brute-force attacks with ip ban | | https://dietpi.com/docs/software/system_security/#fail2ban
ID 101 | =2 | Logrotate: Rotates and compresses old log files in /var/log | | https://dietpi.com/docs/software/log_system/#full-logging
ID 102 | =2 | Rsyslog: Writes system logs (journalctl) as plain text files to /var/log | | https://dietpi.com/docs/software/log_system/#full-logging
ID 105 | =2 | OpenSSH Server: Feature-rich SSH server with SFTP and SCP support | | https://dietpi.com/docs/software/ssh/#openssh
I’ll try to tame my anxieties more strictly in future, but it’s not easy. Especially when weird things happen like my very long-term successful use of SSH keys all of a sudden being rejected 
Not suggesting this necessarily has anything to do with DietPi itself. Just another issue to troubleshoot, though. Fun times.
there is no software title which require a web server stack, hens no web server has been installed.
You could verify LISTEN ports by running
ss -tulpn | grep LISTEN
This will show no web server I guess 
Thanks Joulinar
Indeed it does confirm the only open ports are for sshd which is exactly as I want it to be.
ss -tulpn | grep LISTEN
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=404,fd=3))
tcp LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=404,fd=4))
Brilliant. Thanks again.
Also, fixed the SSH problem I mentioned at the end of the above reply
Was ye olde ownership of the /root folder issue caused by a ballsed-up file transfer.