OpenSSH is a good stout application; it's battle-tested and reliable. You can lock it down even further with a few simple tweaks. Best of all, these cause little or no inconvenience after they are set up. The first thing you should do is create some access controls that allow only authorized users to login.

Use the ListenAddress directive when you have more than one network interface on your machine, such as border routers or firewalls, or multi-homed servers connected to several different subnets. Suppose your firewall has a WAN port and two LAN ports. You can have sshd listen only on the LAN ports, or on just one of them, and not listen on the WAN port at all. You can do the same thing with a multi-homed server- the easy way to control SSH access on selected subnets is with the ListenAddress directive.

The link for this article located at EnterpriseNetworkingPlanet is no longer available.