まだ試してないけど。

New features:

• Added chroot(2) support for sshd(8), controlled by a new option "ChrootDirectory". Please refer to sshd_config(5) for details, and please use this feature carefully. (bz#177 bz#1352)

http://www.openssh.com/txt/release-4.9

あと、これも場合によっては使えそうな変更点。

• Accept the PermitRootLogin directive in a sshd_config(5) Match block. Allows for, e.g. permitting root only from the local network.