The less intrusive options that give most immediate benefit for least
cost are enabled by default:
* Prevent server admins resetting SSH host key
* Block sync if multiple servers have the same SSH host key
An additional option for improved security is included to provide
hostname verification, either based on `hostname -f` or on an explicitly
defined '.hostnames' file.
Resolves: SSH redirection security issue reported by Tobias Josefowitz
of Opera Software
Thomas Pike