SSH security controls
Control : SSH-7408
Proper hardening of your SSH configuration can reduce known weaknesses.
Control : SSH-7412
For proper authorization purposes, do not use direct root logins. Doing so may result in actions being performed by administrators without any traceability. Using root permissions directly might also increase the risk of intrusion or of availability problems (e.g. brute force attacks on the password, account lockout). Unless the owner of each key is traceable, public key authentication can be considered.
Control : SSH-7416
SSH has the option to check file permissions before it uses configuration and other files. With the StrictModes option, it will only use files whose permissions are properly configured (e.g. not set with chmod 777).
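One way to check a configuration against the two settings above, as an added example that is not part of the original page or of any scanner's own code. It assumes the root login control maps to sshd's PermitRootLogin keyword, that the defaults are those of OpenSSH 7.0 or later, and that Include files are not followed; the sample configuration is constructed.

```python
import re

# Values sshd uses when a keyword is absent (assumption: OpenSSH 7.0 or later).
DEFAULTS = {"permitrootlogin": "prohibit-password", "strictmodes": "yes"}
LINE = re.compile(r"^\s*([A-Za-z0-9]+)\s*=?\s*(.*?)\s*$")

# Constructed sample, not taken from a real host.
SAMPLE = """\
# hardening attempt with a leftover duplicate
permitrootlogin prohibit-password
PermitRootLogin yes
StrictModes=no
Match User backup
    PermitRootLogin no
"""

def parse(config_text):
    """Split settings into global ones and ones that sit inside Match blocks."""
    global_values, match_values, in_match = {}, [], False
    for raw in config_text.splitlines():
        m = LINE.match(raw)
        if not raw.strip() or raw.lstrip().startswith("#") or not m:
            continue
        # Keywords are case-insensitive; values are lowercased here for comparison.
        key, value = m.group(1).lower(), m.group(2).strip('"').lower()
        if key == "match":
            in_match = True          # simplification: everything after is conditional
        elif in_match:
            match_values.append((key, value))
        else:
            # sshd keeps the first value it reads, so later duplicates are ignored.
            global_values.setdefault(key, value)
    return global_values, match_values

def audit(config_text):
    """Return one finding per control ID used on this page."""
    global_values, match_values = parse(config_text)
    effective = {**DEFAULTS, **global_values}
    root = effective["permitrootlogin"]
    if root == "yes" or ("permitrootlogin", "yes") in match_values:
        root_finding = "fail: direct root login with a password is possible"
    elif root == "no":
        root_finding = "ok: direct root login is disabled"
    else:
        root_finding = "review: root login restricted (%s), check key ownership" % root
    strict = effective["strictmodes"] == "yes"
    return {"SSH-7412": root_finding,
            "SSH-7416": "ok: StrictModes is on" if strict else "fail: StrictModes is off"}
```

Running `audit(SAMPLE)` reports the root login as "review" rather than "fail", because the first `permitrootlogin` line wins over the later `yes`.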