Administering a web server means dealing with a server that is literally constantly under attack. And having your server get hacked is certainly not a fun experience. So I make an effort to improve security where possible. Here are my quick and dirty notes on securing SSH on a new server.

First, we add a non-root user:

adduser myusername

And set a password for our new user:

passwd myusername

Now we give this user permission to gain root access.

vi /etc/sudoers
And insert the line
myusername ALL=(ALL) ALL

This allows us to disable root login in the sshd config.

vi /etc/ssh/sshd_config
And uncomment the following line.
PermitRootLogin no

I also suggest using key based authentication so you can disable password logins to ssh completely. For more info on doing this, go to :
http://www.howtoforge.com/ssh_key_based_logins_putty