Something which isn't mentioned here and really should is limiting access via firewall. This doesn't suit every situation, but if you're connecting to the host from a consistent location with a static IP, you could just block off SSH entirely except to that IP. This will ensure that intruders cannot get in. As I mentioned though, this doesn't always suit every situation, especially if your IP is dynamic and changes often.
↧