[dahart]

Any time I start an ssh server for myself on a publicly accessible IP, hackers account for roughly 100% of login attempts. The legit logins are in the noise, and dictionary attacks on username and password fill the logs. With decent passwords, it's not much concern, but nowadays, I disable password logins completely.

[LeifCarrotson]

My experience is the same. I set up a VPN for a coworker, who used it on 3 separate weeks away, connecting in total maybe 30 times. There were several MB of logs detailing illegitimate connection attempts.

It makes me curious what's really going over the wires and airwaves we love to hate for their low capacity and high cost. How much of that traffic is junk?

[greenshackle2]

I see a ton of attempts on my server that has SSH on a non-standard port. I imagine they don't all run port scans and I'd see even more on port 22.