One of the easiest steps (next to the already mentioned) is using a different port for ssh. This way these automated attacks won't happen anymore.
Additionally fail2ban and you're set.
Disclaimer: I know this won't stop a dedicated attacker, but it will stop the automated attacks and scans.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.