Set up fail2ban

Since your server is out there on the internet, there are bad actors who are constantly trying to log into it using default passwords for a myriad of services.

Fail2ban checks for attempted logins and temporarily bans IPs that fail after several attempts.

Install fail2ban:

apt install fail2ban python3-systemd

There are some odd config issues with the default installation on Debian, so check that your config looks like this:

$EDITOR /etc/fail2ban/jail.local

[DEFAULT]
backend = systemd
bantime  = 1d
maxretry = 5
findtime  = 1h

[sshd]
enabled = true

Start the service:

systemctl start fail2ban

Check status:

fail2ban-client status sshd

Check log:

tail /var/log/fail2ban.log