Minimize sshd log clutter/spam from unauthenticated connections
philipp at marek.priv.at
Sun Mar 19 00:19:25 AEDT 2023
I guess you might find fail2ban useful.
It scans logfiles (like /var/log/sshd.log), and when it sees too many authentication failures from an IP address (or network range) it can issue commands to drop any further attempts via a firewall.
By having it read its own logfile it's possible to have repeated offenders be cut out for longer and longer time spans.
More information about the openssh-unix-dev