Ha... 70 views and not 1 comment?

One other change I'd make is an edit to /etc/ssh/sshd_config and change

PermitRootLogin yes

to

PermitRootLogin without-password

I don't like to enable remote root login at all in general, but this at least disables password authentication. Of course you'll want to confirm that you have the pubkey authentication working, or you'll shoot yourself in the foot.

Then... as root... restart sshd -

# /etc/init.d/ssh restart

One note here... I don't know if openssh upgrades clobber any of the config files in /etc/ssh, but I'd hope that changes are preserved.