> > [Normal log stuff from dictionary attack deleted...]
>
> This is common, and, presuming you have good passwords or only
> accept authorized_keys, not a real problem other than large log
> files.
>
> Look at fail2ban for a method that will automatically add
> iptables blocks when this occurs.
>
yes fail2ban is very useful. but also good to change to a non standard port.