So why does everyone search for this? Because OpenSSH has had terrifying bugs. CVE-2016-6210 (memory exhaustion). CVE-2018-15473 (user enum). But 7.9p1 sits in a sweet spot of "old enough to be vulnerable, new enough to have killed the low-hanging fruit."
or later. If using Debian 10, ensure the latest security backports are applied (vulnerable: 1:7.9p1-10+deb10u2 1:7.9p1-10+deb10u3 Disable Agent Forwarding: Users should avoid using unless absolutely necessary. Set AllowAgentForwarding no sshd_config Restrict SSH Access: openssh 7.9p1 exploit