Best practices for securing SSH server

[Daniel Underwood]

> I do not believe that tricks like running ssh on a
> non standard port or using port-knocking provide
> much extra security.

I can understand that varying the port is not a very strong defensive
measure, but I don't understand your point about port-knocking.

If you configure a complex and seemingly random sequence of knocks
before allowing an IP access to your ssh port, have you not
significantly strengthened your ssh server?