Securing SSH on dockstar/Debian

is there simple guide to securing SSH on debian/dockstar? like disable ssh from any host after couple failed attempts or any other solution to help with this..

One thing that comes to my mind is i change default port 22 to something else...

I had noticed coulple days ago light on my modem kept blinking at unual time...after little check on router and then on dockstar i found that some where on internet someone was trying to get through SSH on my dockstar. i went to dockstar and did netstat -np and connections were just keep coming.also was making dockstar CPU go to 5% constant...so for now i disabled port fowarding on my router but looking for some other solution - if any.

Well - sure - you can change ssh to listen on a different port.

I also recommend either:

PermitRootLogin without-password
or
PermitRootLogin no


As well - you should be running fail2ban or similar.

Consider whitelisting hosts that need to connect to ssh and using iptables to block all others.

PHT

I think you should do the following:
* change the port
* disallow root logins
* disable password logins (use key files)

Thank you - i will try couple options over the weekend

I have examined /etc/ssh/sshd_config and it have
SyslogFacility AUTH
LogLevel INFO

I'm looking at /var/log/auth.log and... there is no auth.log file. Any hints how i can check sshd log?