I'm not sure if this is making things too complicated, but one of the problems with SSH is that bots start to hammer it from the moment it is turned on. I use rate limiting and have seen others mention it on the Ubuntu Forums. Maybe it can be part of the settings for SFTP/SSH.
e.g.
ip6tables -I INPUT -p TCP --dport 22 -m state --state NEW -m limit --limit 4/minute --limit-burst 5 -j ACCEPT
iptables -I INPUT -p TCP --dport 22 -m state --state NEW -m limit --limit 4/minute --limit-burst 5 -j ACCEPT
I'm not sure if this is making things too complicated, but one of the problems with SSH is that bots start to hammer it from the moment it is turned on. I use rate limiting and have seen others mention it on the Ubuntu Forums. Maybe it can be part of the settings for SFTP/SSH.
e.g.
ip6tables -I INPUT -p TCP --dport 22 -m state --state NEW -m limit --limit 4/minute --limit-burst 5 -j ACCEPT
iptables -I INPUT -p TCP --dport 22 -m state --state NEW -m limit --limit 4/minute --limit-burst 5 -j ACCEPT