Having lost part of a Sunday getting a hardened SSH to work between my various machines, it was a pleasure to recover by writing a Python script to create an /etc/sshd_config file I could actually read. Here's the script, which I've named sshd_config.py, to transform /etc/sshd_config into a more literate form, based on the man page for sshd_config.
To harden SSH on OS X, one modifies /etc/sshd_config. The web abounds with advice on what options to set, some of which are now deprecated. For others, the man page and Apple's /etc/sshd_config disagree on which is the default value. In these cases, /etc/sshd_config appears to be correct, but one cannot be sure.
This script creates a commented copy of the man page for sshd_config, and modifies it by inserting default values from /etc/sshd_config into each option heading, and inserting statements. It also sets each option which is set by /etc/sshd_config. The output file can be used as a more literate /etc/sshd_config, which one can now edit with some hope of understanding what is going on.
Sample use: Move the Python script to a work directory, make it executable, and execute the command line
./sshd_config.py /etc/sshd_config sshd_config
Best practice: Copy Apple's original to a safe place before replacing /etc/sshd_config with a modified copy. Many other hints here cover what your local copy could or should say.
Mac OS X Hints
http://hints.macworld.com/article.php?story=20080211122653423