How To Monitor Failed SSH Attempts
|Disable Password Authentication for better Security|
You might be astonished how many people try to break into your computer via ssh. It is advisable to use key-based authentication only. Article for key-based authentication.
sudo gedit /etc/ssh/sshd_config--> change LogLevel INFO to LogLevel VERBOSE
SSH login attempts will now be saved in your /var/log/auth.log file.
Accessing the information
sudo cat /var/log/auth.log | grep sshd
sudo cat /var/log/auth.log | grep Fail
sudo cat /var/log/auth.log | grep Invalid
Disabling SSH all-together
sudo mv /etc/init/ssh.conf /etc/init/ssh.conf.disabled