While this post is very old, thought I would give some info.
If you were to have read the directions when you installed openssh, you would see what needs to be changed, and where to put it. You can find "good security" configs all over the net. Some are better than others, but if you plan to keep your box isolated from the InterWebs, then username/password is fine.
You should create a password for root, though.
You will first need to create/edit the conf file, and then generate the keys.
If you are wanting to SSH into the box, you will use sshd_config.
Default configs don't work anyway. SSH protocol 1 might still work, but use protocol 2.
This is what I use for sshd_config:
Port 22
ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /usr/local/etc/ssh/ssh_host_rsa_key
HostKey /usr/local/etc/ssh/ssh_host_dsa_key
KeyRegenerationInterval 1h
ServerKeyBits 768
# Authentication:
LoginGraceTime 2m
PermitRootLogin yes
StrictModes yes
MaxAuthTries 6
RSAAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication yes
TCPKeepAlive yes
Subsystem sftp /usr/local/libexec/sftp-server
Make sure you do nothing else after changing the password, editing the sshd_config and generating the key files. Perform a backup. Then make the changes necessary to ensure your sshd server starts on boot.... if that is what you want.
My box is not accessible to the Internet, so I will use root to log in. Otherwise, PermitRootLogin is no, and you need to set a strong password for tc.
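Added example (not part of the original post, and not OpenSSH code): a small checker that parses an sshd_config the way sshd reads it (case-insensitive keywords, first value wins) and flags the two conditions the post warns about, protocol 1 and root login on a reachable box. The function names, the `internet_facing` flag and the sample text are assumptions constructed for illustration.

```python
import re

# Constructed sample config. It includes one malformed line (a keyword
# followed by a colon) and a later PermitRootLogin that sshd would ignore.
SAMPLE = """\
Port 22
ListenAddress: 0.0.0.0
Protocol 2
# Authentication:
PermitRootLogin yes
PasswordAuthentication yes
PermitRootLogin no
"""

def parse_sshd_config(text):
    """Return ({keyword: first value}, [(line number, malformed line)])."""
    settings, malformed = {}, []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        m = re.match(r"([A-Za-z0-9]+)(?:\s*=\s*|\s+)(.*)$", line)
        if not m:
            malformed.append((lineno, raw))
            continue
        # Keywords are case-insensitive; the first value obtained is used.
        settings.setdefault(m.group(1).lower(), m.group(2).strip())
    return settings, malformed

def audit(text, internet_facing):
    """List findings; a missing keyword is not flagged (assumed safe default)."""
    settings, malformed = parse_sshd_config(text)
    findings = [f"line {n}: cannot parse {raw!r}" for n, raw in malformed]
    if "1" in settings.get("protocol", "2").split(","):
        findings.append("Protocol allows version 1; use 'Protocol 2'")
    if internet_facing and settings.get("permitrootlogin", "").lower() == "yes":
        findings.append("PermitRootLogin yes on a reachable host; set it to no")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE, internet_facing=True):
        print(finding)
```

On the box itself, `sshd -t` performs the authoritative syntax check of the real file before the daemon is restarted.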