Chapter 3. Configuring the Secure Shell
Configuration is the the technical implementation of the local security policy. When setting the policy, management decided the level of protection needed for machines and data. Now you must implement their decisions when configuring Secure Shell. Secure Shell has a variety of options, some of which may not be appropriate to your local situation. Configure according to your policy. Again, if you do not have a security policy, it is important to establish one.
In configuring Secure Shell, keep in mind two principles:
Let no single point of configuration or defense be the only gatekeeper for security.
Plan on failure
Secure Shell can, and should, be configured at multiple points (build-time, server ...