Possible ssh problem

[SauronXXX]

I'm a complete noob when it comes to ssh-security so this may not be a problem at all. But if it is, I would appreciate any advice in how to secure my server better.

First off, it's an Ubuntu 10.04 LTS server. Which may or may not make a difference compared to say a RedHat or Suse server. Sshd is, at any rate, OpenSSH 5.3p1.

I've configured sshd to only allow one specific user to connect to the machine using ssh. So far, the user is configured to use username + password to authenticate but I've been thinking of changing that to only allow public/private key authentication instead.

So far so good. The one potential problem I've noticed is that using:

nmap -sV -A -o --osscan-guess hostname

one can discover the ssh-hostkey. How much of a problem is that? Or put in other words: how worried should I be?

[HROAdmin26]

Google: how does ssh work

At this point the client sends the server a Diffie-Hellman GEX Init request that includes the initial challenge message of the key exchange, along with a specification of the type of key exchange that will be used.

The client then listens for the server’s response, which will include the server’s public key and a challenge value that has been signed by the server’s private key, which is supposed to provide a validation that the packet could only have come from the server that sent it.