This should be a short article mentioning few options I generally change in sshd_config and recommend that you change them too.

Change port number
I usually change port number to something random to avoid millions upon millions of failed SSH connection generated by various bots on the interwebz in my server logs:

Port 10102

Turn off password authentication

PermitRootLogin without-password
PasswordAuthentication no

What additional tweaks do you make to your sshd_config file in order to secure SSH?