Who's Attacking My Server?

[bombcar]

You can get a similar reduction in ssh scans simply by moving the port (and doing nothing else) as the majority of scans only hit port 22.

Whether this is worth the hassle is left to the reader: if you have passwords disabled and only use keys it really shouldn’t matter.

[creeble]

In my experience, they find it anyway.

I've run ssh on non-standard ports for over 20 years, and my auth.log is gets a hundred knocks an hour - and mind you, they all return "no key".

It's just life, and it will continue to get worse. Secure your server and ignore it.