ssh {
    authentication-order  [method 1 method2...];
    authorized-keys-command authorized-keys-command;
    authorized-keys-command-user authorized-keys-command-user;
    ciphers [ cipher-1 cipher-2 cipher-3 ...];
    client-alive-count-max number;
    client-alive-interval seconds;
    connection-limit limit;
    fingerprint-hash (md5 | sha2-256);
    hostkey-algorithm (algorithm | no-algorithm);
    key-exchange [algorithm1 algorithm2...];
    log-key-changes log-key-changes;
    macs [algorithm1 algorithm2...];
    max-pre-authentication-packets number;
    max-sessions-per-connection number;
    no-challenge-response;
    no-password-authentication;
    no-passwords;
    no-public-keys;
    allow-tcp-forwarding;
    port port-number;
    protocol-version [v2];
    rate-limit number;
    rekey {
        data-limit bytes;
        time-limit minutes;
    }
    root-login (allow | deny | deny-password);
    sftp-server;
}