[gNewSense-users] SSH: HostKey vs. AuthorizedKeysFile
From: Stayvoid
Subject: [gNewSense-users] SSH: HostKey vs. AuthorizedKeysFile
Date: Tue, 27 Mar 2012 22:23:34 +0400

Hi,
I'm trying to configure SSH on a server.
I changed these lines in the server's /etc/ssh/sshd_config:
PermitRootLogin no
AuthorizedKeysFile %h/.ssh/authrized_keys
(authorized_keys is the same as id_rsa.pub on my machine.)
I connect to the server with this command:
ssh -i ~/.ssh/id_rsa <server's ip>
But it outputs the fingerprint of the server's HostKey (which is
located at /etc/ssh/ssh_host_rsa_key), not the AuthorizedKeysFile
fingerprint.
What should I do to make it work?
Will it be enough to comment out the HostKey lines in
/etc/ssh/sshd_config? Is it safe?
What else should be done to restrict unauthorized access?
This guide [1] recommends changing ListenAddress to 192.168.0.1 and
Port to 666. (I want to use another port (and another address). Does
it matter? 666 is used by Doom. [2])
Will it work "out of the box" if I change these? Is there a need for
system-level tweaking (firewall etc.)?
I'm new to networking. Could you explain what "Port" and "Listen"
mean in this case?
(Yes, I've read some papers about ports, but I want to understand this
concept completely.)
How do I use SSH with a non-standard port? Will it be something like
this: ssh -i ~/.ssh/id_rsa <server's ip>:<new port number>?
Is there a need for a username@ prefix before the server's ip (I
changed PermitRootLogin to no)?
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html
[2] https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Cheers
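
An added example, not part of the original post: the fingerprint that ssh prints on a first connection is computed from the server's host public key, while authorized_keys holds the user's public key, so the two fingerprints are expected to differ. The sketch below computes both fingerprint styles for one-line public keys; the helper names and the two sample keys are constructed for illustration.

```python
import base64
import hashlib
import struct


def ssh_string(data: bytes) -> bytes:
    """Length-prefixed string as used inside SSH public key blobs."""
    return struct.pack(">I", len(data)) + data


def make_rsa_pubkey_line(e: int, n: int, comment: str) -> str:
    """Build a one-line public key (the id_rsa.pub / authorized_keys format)."""
    def mpint(x: int) -> bytes:
        # The extra leading byte keeps the number positive.
        return ssh_string(x.to_bytes(x.bit_length() // 8 + 1, "big"))
    blob = ssh_string(b"ssh-rsa") + mpint(e) + mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment


def fingerprints(pubkey_line: str) -> dict:
    """Return key type plus MD5 and SHA256 fingerprints of a public key line."""
    key_type, b64_blob = pubkey_line.split()[:2]
    blob = base64.b64decode(b64_blob)
    # The blob starts with its own copy of the key type; check they agree.
    (type_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + type_len].decode() != key_type:
        raise ValueError("key type does not match key blob")
    md5 = hashlib.md5(blob).hexdigest()
    sha256 = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {
        "type": key_type,
        "md5": ":".join(md5[i:i + 2] for i in range(0, 32, 2)),
        "sha256": "SHA256:" + sha256,
    }


# Constructed sample keys (made-up moduli, not usable key material).
HOST_KEY = make_rsa_pubkey_line(65537, (1 << 2047) + 0x1234567, "root@server")
USER_KEY = make_rsa_pubkey_line(65537, (1 << 2047) + 0x7654321, "user@laptop")

if __name__ == "__main__":
    for label, line in (("server host key", HOST_KEY), ("user key", USER_KEY)):
        fp = fingerprints(line)
        print(label, fp["md5"], fp["sha256"])
```

On a real server the value to compare against the prompt comes from running ssh-keygen -l -f on the host's public key file (for the key named in the post, /etc/ssh/ssh_host_rsa_key.pub).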