The server-side behavior of the sshd daemon is controlled by keyword settings in the /etc/ssh/sshd_config file. For example, the sshd_config file controls which types of authentication are permitted for accessing the server. The server-side behavior can also be controlled by the command-line options when the sshd daemon is started.
The behavior on the client side is controlled by Secure Shell keywords in this order of precedence:
Command-line options
User's configuration file, ~/.ssh/config
System-wide configuration file, /etc/ssh/ssh_config
For example, a user can override a system-wide configuration Ciphers setting that prefers aes128-ctr by specifying –c aes256-ctr,aes128-ctr,arcfour on the command line. The first cipher, aes256-ctr, is now preferred.