I'm looking at securing sshd inbound access by hostname, so that I allocate a subdomain to my FQDN expressly to access functions like ssh and other admin pages served by Apache. In Apache that's relatively easy thing to accomplish with the virtualhost directive. I can't, however, find any directive in sshd_config that will allow me to ListenHostName like you can ListenAddress.
I have a dynamic IP so ListenAddress won't work, and, in any event, it wouldn't work unless the subdomain were allocated a different IP than the master domain.
If my idea seems incoherent, what I want to do is obscure my admin utilities behind something like random-number.mydomain.com and have sshd ONLY listen on that subdomain but not www.mydomain.com
This is not the same thing as hosts.allow (AFAIK) because I want to alter the hostname sshd listens on, not the remote address sshd will accept connections from.
That way people portscanning my master domain (who don't do a domain zone transfer as well) won't even see that I have SSHd running, or any of the other remote services I want to keep private.
I know security through obscurity is not very good route on its own, but if it's possible to do it would be a nice extra hurdle.