“Here is a quick way to drastically improve the security of your
OpenSSH server installations. Apart from past flaws in the OpenSSH
daemon itself that have allowed remote compromise (very rare), most
break-ins result from successful brute-force attacks. You can see
them in your firewall, system or auth logs, they are an extremely
common form of attack. Here is an excerpt from the
/var/log/messages file on a CentOS Linux box (the attacking
hostname has been obfuscated). You can see multiple attempts to
login as users root and ftp. Also note the time between repeated
attempts–one second or less, much too quick to be a human. This is
an automated attack…”