I thought I would share this guide with everyone. I created it to help people in securing their SSH connection. I will hopefully be adding a second part on other security methods soon.
Thanks guys - and yes; it's always a good idea to move SSH off the main IP, and if possible instead of (or as well as) passwords, use IP detection (i.e. only let your IP log in).
I plan on doing a second part which will focus more on server security as a whole rather than just SSH.
Your way is good, but I also do it this way. To effectively secure your ssh even further, you need to do:
vi /etc/ssh/sshd_config
1) change the #Protocol 2,1 to Protocol 2 (remember to remove the remark since it's a comment)
2) change the PermitRootLogin yes to PermitRootLogin no
3) change the PermitEmptyPasswords no to PermitEmptyPasswords no
4) change Banner /some/path to Banner /etc/issue
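An added example, not part of the post above: a small Python check that reads sshd_config-format text and reports which of the four settings listed in that post are not in effect. It assumes sshd's rule that the first value given for a keyword wins, looks only at the global section (before any Match block), and uses constructed names and a constructed sample file.

```python
import re

# Settings from the post above: keyword (lowercase) -> required value.
REQUIRED = {
    "protocol": "2",
    "permitrootlogin": "no",
    "permitemptypasswords": "no",
    "banner": "/etc/issue",
}

# Constructed sample, not a real server's file.
SAMPLE = """\
Port 2222
#Protocol 2,1
PermitRootLogin no
PermitRootLogin yes
permitemptypasswords no
Banner /some/path
"""


def effective_settings(config_text):
    """Return the global settings sshd would use: first value per keyword wins."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or still commented out, e.g. "#Protocol 2,1"
        # Keyword and argument are separated by whitespace or a single "=".
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()  # keywords are case-insensitive
        if keyword == "match":
            break  # conditional blocks are outside this global check
        value = parts[1].strip().strip('"') if len(parts) > 1 else ""
        settings.setdefault(keyword, value)  # later duplicates are ignored
    return settings


def audit(config_text):
    """Return (keyword, found, wanted) for every setting that is off.

    found is None when the line is absent or commented; the fallback default
    depends on the OpenSSH version, so an unset keyword counts as a finding.
    """
    settings = effective_settings(config_text)
    return [(k, settings.get(k), want) for k, want in REQUIRED.items()
            if settings.get(k) != want]


if __name__ == "__main__":
    for keyword, found, wanted in audit(SAMPLE):
        print(f"{keyword}: found {found!r}, wanted {wanted!r}")
```

On a live server, `sshd -T` prints the configuration the daemon actually resolved, which is a useful cross-check after editing the file.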
Hmm, nice tutorial, but no mention of firewalling the SSH port (iptables) or even using the hosts.deny and hosts.allow files to deny/allow access to individual IPs.
I have done most of these things but I am curious to know if it is working. I took a new server and installed BFD and changed the SSH port (plus other things) but I don't know if it is working. On all my other servers I get about 3-5 emails each a day from BFD saying it is working. But I have gotten no emails from the new one that has SSH on a different port. Can I check to see if it is working just by using the wrong password to log in on the new port? I don't know if I am not getting email because something is not set up right with it or if moving it to a different port has that much of an effect.
You aren't getting any warnings to let you know BFD is working, BECAUSE you've changed the SSH port.
Most automated scanners out there looking to crack SSH are going to check on the default port (22), and obviously won't check the others as it's a waste of time. Because you changed port, these scanners aren't hitting your SSH and as a result you're not getting the warnings.
Yes, you can try logging in manually with an incorrect password and this should flag up a warning.
As Echelon17 stated, once you've moved the port you are likely to get very few if any access attempts on the new port, as it's all done through use of automated bots that spend hours trying to crack the password.