I administer a couple of systems which provide interactive access by end users,
and for this interactive access I position OpenSSH.
However, I also use this for administrative access to the system, and I tend to
have harder security requirements for OpenSSH than most users do.
For instance, on one system, end users with a userid + password use the
sFTP server for publishing static websites. Other access is prohibited,
so I really like this OpenSSH configuration to use chrooted users, internal
sftp support, whereas a different OpenSSH is used for administrative access
(which is only accessible by myself and some trusted parties).