Every log I get from my server contains long lists of failed logins - some for existing users (like root and admin and whatever) and loads and loads for nonexistent users. How should I go about protecting myself against this sort of nonsense? Apart from having unusual user names and good passwords of course! The attempts come from a different ip every day.
These are just brute force logins.
Get bfd and it will ban the ip(s) after x amount of failed logins.
Or simply do as I do..
Deny all access on port 22 except from specific ip's, be careful about this thou.
Make sure you have a static ip or add the class c or b range.
If your ip changes you will be locked out unless you have others that can add your new ip's to the allow list. http://www.rfxnetworks.com/bfd.php