@abcdw

@tfb

Same here.
In addition I use fail2ban/only allow login via ssh-key and disabled root login.
There is nearly no traffic on this port.
Checking the failed login attempts on port 22 (needs to be the ssh-port for this afaik) is quite interesting and gives a nice overview for used usernames, which then can be avoided.