
1. modifying the default configuration is fine: you do this for your web server (right?) so why not sshd? in fact, sshd is simpler to configure and i cannot think of one backward incompatibility in many years. disable what you don't need, this includes bits of sshd. what's the point of a configuration file if you can't change it?

2. your point about "using distribution standard ssh, a secure root password and public keys" is a little moot in light of the debian ssh keygen bug? in this case you would have been better off with building ssh yourself (and keeping it up to date).

3. in any case, you are at most risk from your users. if they are compromised, you are also (public key or not).



Wasn't the Debian bug in OpenSSL? Building OpenSSH yourself would not do you any good there if you linked to the distribution's OpenSSL.



