SSH Audit

Validate your SSH server is using secure encryption

Problem

It can be hard to know everything about setting up an SSH server securely, and harder still to know whether the changes we make actually lead to a more secure server.

Solution

ssh-audit is a tool that runs automated checks against an SSH server and validates that it is configured to use secure encryption algorithms.

While it doesn't check every possible configuration on the server, it does help identify some potential weaknesses.

Details

To run an audit, run the ssh-audit command:

ssh-audit domain.tld -p 22

The -p parameter specifies the server port (22 by default).

The output of the command will look something like this:

Screenshot of command output

Once the check has completed, there is a guide here with instructions on how to resolve the most common issues.
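To see whether a configuration change actually removed findings, the text output of two runs can be compared. The following is an added example, not part of ssh-audit or of the original page: the function names audit_findings and audit_resolved are hypothetical, the sample output is constructed, and it assumes the "(category) algorithm -- [level] note" line layout of ssh-audit's text output.

```shell
#!/bin/sh
# Added example: list [fail]/[warn] algorithms from ssh-audit text output and
# show which findings disappeared between two runs.
# Live use (-n disables colours so the text is easy to parse):
#   before=$(ssh-audit -n domain.tld -p 22)   # then edit sshd_config, restart
#   after=$(ssh-audit -n domain.tld -p 22)
#   audit_resolved "$before" "$after"

# Read audit output on stdin, print "level category algorithm" per finding.
# Continuation lines (indented, starting with a backtick) are skipped.
audit_findings() {
    awk '
        /^\(/ && / -- \[(fail|warn)\]/ {
            cat = $1; gsub(/[()]/, "", cat)       # "(kex)" -> "kex"
            match($0, /\[(fail|warn)\]/)          # locate the level marker
            print substr($0, RSTART + 1, RLENGTH - 2), cat, $2
        }' | sort -u
}

# Print findings present in the first run but absent from the second.
audit_resolved() {
    before=$(printf '%s\n' "$1" | audit_findings)
    after=$(printf '%s\n' "$2" | audit_findings)
    # -x: whole-line match, -F: fixed strings, -v: keep lines not in "after"
    printf '%s\n' "$before" | grep -vxF -e "$after" || true
}

# Constructed sample output (not captured from a real server).
SAMPLE_BEFORE='# key exchange algorithms
(kex) curve25519-sha256              -- [info] available since OpenSSH 7.4
(kex) diffie-hellman-group1-sha1     -- [fail] using broken SHA-1 hash algorithm
                                     `- [info] available since OpenSSH 2.3.0
(enc) aes128-cbc                     -- [warn] using weak cipher mode
(mac) hmac-sha1                      -- [warn] using weak hashing algorithm'

# Same constructed server after removing the weak kex and cipher entries.
SAMPLE_AFTER='# key exchange algorithms
(kex) curve25519-sha256              -- [info] available since OpenSSH 7.4
(mac) hmac-sha1                      -- [warn] using weak hashing algorithm'

audit_resolved "$SAMPLE_BEFORE" "$SAMPLE_AFTER"
```

An empty result from audit_resolved means the change removed no findings; anything still listed by audit_findings on the second run remains to be fixed.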
