So this made me realise where I could find the SSH log file, and I spent a little while panicking at just how many attempts I've been getting on my webserver, and locking things down just a little harder out of paranoia
If you use a good password (meaning a unique, randomly generated one), or disable password login and use private keys only, your chances of getting hacked by any of these are abysmally small.
There are reasons to lock down your SSH port (fear of exploitation of the SSH software, like in the xz backdoor scenario) but I generally wouldn't worry too much about all the failed login attempts in your SSH log, as long as you're using secure enough login credentials.
People have been having this experience for ages. The first time you look at access/security logs for an internet-connected server, your jaw hits the floor, you get very curious about who all those bad people are, and you start worrying whether you're doing enough to keep them out.
There are reasons to lock down your SSH port (fear of exploitation of the SSH software, like in the xz backdoor scenario) but I generally wouldn't worry too much about all the failed login attempts in your SSH log, as long as you're using secure enough login credentials.