We have been having some problems with people trying to hack on one of our webservers, the auth.log file of the Debian box is full of unsuccessful attempts. In an effort to secure the box a bit better we have restricted the users that can access the box by placing the line:
AllowUsers user1 user2
in the /etc/ssh/sshd_config file.
It is also possible to restrict access via ip address by adding lines to the host.allow and host.deny files, but as I regularly have to access the box remotely from a clients site I can’t restrict it. You can also change the port and tuen off Root logins too to help stop the hackers.