One way to secure your ssh connection is to change the ssh port to random port number. It will stops the brute force attack on port 22 for ssh. Additionally, if you don't use any ipv6 connection, you should disable the ssh service on ipv6 to minimise the open port of your machine.
The example shown below was using Raspbian (on a raspberry pi) which similar with Debian and Ubuntu distro.
First please check your ssh service using this command:
sudo netstat -nlptu | grep sshd
sudo nano /etc/ssh/sshd_config
Remove comment on the Port and change the port number from 22 to any number you like. The maximum port number is 65535. You can use any number below that. For this example the number is 45664.
Next remove comment on ListenAddress 0.0.0.0 and this configuration will use only ipv4 and comment ListenAddress :: to disable ipv6.
Save the file and run this command below to enable new configuration:
sudo systemctl restart ssh.service
When you list again your ssh service, it will shows the new port (you need to login with this new port on next session) and the ipv6 service is disable.
