Quick and Basic sshd_config Options

This is just a list of basic additions/modifications to the sshd_config file for general security, and ease of administration

---

Protocol 2
ClientAliveInterval 360
ClientAliveCountMax 0
MaxAuthTries 5
PermitEmptyPasswords no
PermitRootLogin no
PubkeyAuthentication yes
PasswordAuthentication no
X11Forwarding no
Port 1984
AllowUsers user1 user2
AllowGroups remoteadmin
banner /etc/ssh_motd
PrintLastLog yes
IgnoreRhosts yes
Loglevel VERBOSE

And of course, always use key based authorization, properly chmod your files, use a banner/motd that your legal department would be proud of, and research additional software protection such as Fail2ban.