Comment by commandersaki

I allow password based auth to my VPS because keys are not always a possibility, and I listen on port 22 (and port 25, 465, 587, 993) because I like the convenience.

However I use some simple restrictions such as AllowUsers and pubkey auth only for root.

I think this is a reasonable defence against typical ssh dictionary attacks.