Following the security problem on openssl/openssh specific to Debian (apparently, a lack of randomness in the generation of the keys for the whole OpenSSL library), it is time to renew your SSL certificates and SSH keys (a bit of cleaning). Why not turn it into the occasion to test a new certificate with the capability of answering to different names (with only one certificate and IP), as explained here? It will certainly not help the progression of my patch for OpenSSH (which did not show much progress anyhow since it was submitted upstream...) :-(

I will not give much more info, it runs the blogosphere; however, in one line for openssh-server it is sufficient to do sudo rm /etc/ssh/ssh_host*key*;dpkg-reconfigure -plow openssh-server. But most of all, do not forget to do the upgrade before! (0.9.8g-9 for sid, 0.9.8c-4etch3 for stable).

[Update] A link that I find interesting about the whole thing.