Linux Servers: SSH Hardening Tips

Don't know what the settings are?
sshd -T
1. Disable empty passwords:
PermitEmptyPasswords no
2. Change default SSH ports:
Port 2345
3. Disable root login via SSH:
PermitRootLogin no
4. Disable ssh protocol 1:
Protocol 2
5. Configure idle timeout interval (seconds):
ClientAliveInterval 300
6. Allow SSH access to selected users only:
AllowUsers User1 User2
Also: AllowGroups {groupname}, DenyUsers, DenyGroups
7. Disable X11 Forwarding:
X11Forwarding no
9. Disable password based SSH login:
How to add SSH public keys to a server
Detailed tutorial
10. Enable Two-factor authentication with SSH: