Is this really much of a problem? I have a VPS that's been online for years, serving port 22. I average about 200k attempts per year. I have it set to pubkey only, root can't login at all. If you connect without sending a pubkey, it pretty much instantly tells you to go away. I don't bother with fail2ban.
Maybe I should start logging attempted pubkeys as a side project just to see what pops up.
Maybe I should start logging attempted pubkeys as a side project just to see what pops up.