If you've been playing in Linux land, and never bothered with any of the *BSD, do yourself a favor and install one of the BSDs in a VM. You'll not be disappointed.
Keepass is opensource, if a backdoor existed, it would have been found out , reported , and closed for good. That's what open source is good at.
- ssh master connection, for svn+ssh ?
- ssh agent forwarding
- opening ssh ports using knocking
- auto blacklisting with something like sshblack
I think the above are more advanced options than the ones mentioned in the article, no ?