in order to prevent unnecessary changes due to
random ordering of dig results.

Now ssh_config also accepts string-or-list options, for serveral
keywords.

Added a macro to handle multivalue options entered in either string
format or list format (with auto joiner).

Upstream opensshd does not support PAM

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>

put the ssh_config Host:* options in the defaults file so they can be overridden

This gives us the ability to define system-wide definitions for specific Hosts, and their options.

For example, with this in pillar:

```
# this is the place for host-wide SSH config
ssh_config:
  ...
  Hosts:
    # this simplifies cloning with custom params
    # eg: git clone my-git:foo/bar
    my-git:
      User: git
      HostName: git.example.com
      Port: 2222
```

This would add a section in `/etc/ssh/ssh_config`:

```
Host my-git
    User git
    HostName git.example.com
    Port 2222
```

Made a small change to reflect the default sshd_config

This state manages /etc/ssh/ssh_known_hosts and fills it with
public SSH host keys of other minions.

This will add more options to set to secure openssh
- AllowUsers
- AllowGroups
- DenyUsers
- DenyGroups

When specifying multiple unknown ssh options, they would all appear on
the same line.

Synced file with default from Ubuntu 12.04 latest

This provides a default option (according to the package-provided config file) for each option in the config.