https://www.sshguard.net/
sshguard
On Linux hosts I use Fail2ban, but for OpenBSD, I use sshguard due to limitations regarding the compatibility. sshguard will at least slow down those password brute-force attempts, which appear too often from one single IPv4 or IPv6 endpoint.
Now, obviously we should be able to limit SSH access to important systems by enforcing key-based authentication and / or Multi-Factor Authentication (MFA) based on TOTP (Time-based OneTime Pad) for example. MFA authentication for OpenSSH on OpenBSD doesn’t seem to be a viable option today, though.
https://www.fail2ban.org/wiki/index.php/Main_Page