I have currently BFD installed and it bans the person temporary and he or she manages to get through to my server after a while and changes the passwords. I would like to know what other methods are there apart from BFD and Public Key Authentication into securing SSH so that this never happens again?

Are you sure they're getting in through SSH originally? It's a lot more likely that someone is exploiting poor security on a PHP script or other web application. If they really are gaining entry through SSH, it's probably because PasswordAuthentication is still set to on and you have some accounts with very easily-guessed passwords.

this:
http://www.ietf.org/rfc/rfc4252.txt

is all ssh authentication methods.

since I wanted to restrict su access to limited users, thereby stopping exactly this type of issue, I asked on the openssh email list about only enabling su ability to specific users, this was the response that helped me get the configuration I wanted:

The idea being to limit su access
> to
> > only those who have used a public / private key
> pair
> > for authentication.
>
> Easy... Compile sshd with the match keyword patch
> (http://bugzilla.mindrot.org/show_bug.cgi?id=1180),
> and use it to ensure
> that members of the admin group can only log in
> using public/private key
> authentication.
>
> Also make these users a member of the wheel group,
> and ensure that only
> they can su - check out /etc/pam.d/su.
>
> For example, in /etc/ssh/sshd_config add:
>
> Match Group admins
> PubkeyAuthentication yes
> PasswordAuthentication no
> ChallengeResponseAuthentication no
>
> In /etc/pam.d/su ensure the following is
> uncommented:
>
> # Uncomment the following line to require a user to
> be in the "wheel" group.
> auth required
> /lib/security/$ISA/pam_wheel.so use_uid
>
> I use this method to ensure that admins can only log
> in using
> public/private keys and have access to perform admin
> functions while
> (hopefully) ensuring that "normal" users cannot mess
> about.
>
> This also has the advantage that if any user uploads
> their own keys to
> ~/.ssh that they will not be able to gain admin
> rights!!!
>

This is the log from BFD and this is what it is saying

The following are event logs from 71.159.204.121 on service sshd (all time stamps are GMT -0600):

Dec 24 04:56:39 cpanel sshd[442]: Failed password for invalid user postfix from ::ffff:71.159.204.121 port 42379 ssh2
Dec 24 10:56:39 cpanel sshd[443]: Failed password for invalid user postfix from ::ffff:71.159.204.121 port 42379 ssh2
Dec 24 10:56:39 cpanel sshd[443]: Received disconnect from ::ffff:71.159.204.121: 11: Bye Bye
Dec 24 04:56:39 cpanel sshd[444]: Invalid user postfix from ::ffff:71.159.204.121
Dec 24 04:56:42 cpanel sshd[444]: Failed password for invalid user postfix from ::ffff:71.159.204.121 port 42484 ssh2
Dec 24 10:56:42 cpanel sshd[445]: Failed password for invalid user postfix from ::ffff:71.159.204.121 port 42484 ssh2
Dec 24 10:56:42 cpanel sshd[445]: Received disconnect from ::ffff:71.159.204.121: 11: Bye Bye
Dec 24 04:56:45 cpanel sshd[446]: Failed password for adm from ::ffff:71.159.204.121 port 42585 ssh2
Dec 24 10:56:45 cpanel sshd[447]: Failed password for adm from ::ffff:71.159.204.121 port 42585 ssh2
Dec 24 10:56:45 cpanel sshd[447]: Received disconnect from ::ffff:71.159.204.121: 11: Bye Bye
Dec 24 04:56:48 cpanel sshd[448]: Failed password for adm from ::ffff:71.159.204.121 port 42688 ssh2
Dec 24 10:56:48 cpanel sshd[449]: Failed password for adm from ::ffff:71.159.204.121 port 42688 ssh2
Dec 24 10:56:48 cpanel sshd[449]: Received disconnect from ::ffff:71.159.204.121: 11: Bye Bye
Dec 24 04:56:51 cpanel sshd[450]: Failed password for adm from ::ffff:71.159.204.121 port 42790 ssh2
Dec 24 10:56:51 cpanel sshd[451]: Failed password for adm from ::ffff:71.159.204.121 port 42790 ssh2
Dec 24 10:56:51 cpanel sshd[451]: Received disconnect from ::ffff:71.159.204.121: 11: Bye Bye
Dec 24 04:56:53 cpanel sshd[454]: Failed password for adm from ::ffff:71.159.204.121 port 42894 ssh2
Dec 24 10:56:53 cpanel sshd[455]: Failed password for adm from ::ffff:71.159.204.121 port 42894 ssh2
Dec 24 10:56:54 cpanel sshd[455]: Received disconnect from ::ffff:71.159.204.121: 11: Bye Bye
Dec 24 04:56:56 cpanel sshd[456]: Failed password for adm from ::ffff:71.159.204.121 port 42994 ssh2
Dec 24 10:56:56 cpanel sshd[457]: Failed password for adm from ::ffff:71.159.204.121 port 42994 ssh2

postfix, an email server account.
there is zero reason for postfix to login to ssh.
if you don't use postfix mta yourself, then you can deny postfix access to your system completely through the configuration, deny access to the user name completely to ssh.

The problem is they use different names and alot of ip addresses and when they do manage to get in after a lot of attempts they change the password and then i change it back. I had alot of problems with one server i had it shut down and the attacks have been less but still happening

Dec 25 03:08:46 cpanel sshd[6388]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 09:08:46 cpanel sshd[6385]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:47 cpanel sshd[6382]: Invalid user library from ::ffff:61.12.4.252
Dec 25 03:08:47 cpanel sshd[6382]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 09:08:47 cpanel sshd[6394]: Connection closed by ::ffff:61.12.4.252
Dec 25 03:08:48 cpanel sshd[6391]: Invalid user shell from ::ffff:61.12.4.252
Dec 25 03:08:48 cpanel sshd[6391]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:48 cpanel sshd[6386]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51102 ssh2
Dec 25 09:08:48 cpanel sshd[6387]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51102 ssh2
Dec 25 09:08:48 cpanel sshd[6387]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:48 cpanel sshd[6388]: Failed password for invalid user library from ::ffff:61.12.4.252 port 51107 ssh2
Dec 25 09:08:48 cpanel sshd[6389]: Failed password for invalid user library from ::ffff:61.12.4.252 port 51107 ssh2
Dec 25 03:08:48 cpanel sshd[6393]: Invalid user info from ::ffff:61.12.4.252
Dec 25 03:08:48 cpanel sshd[6393]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 09:08:49 cpanel sshd[6389]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:49 cpanel sshd[6395]: Invalid user shell from ::ffff:61.12.4.252
Dec 25 03:08:49 cpanel sshd[6395]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:49 cpanel sshd[6382]: Failed password for invalid user library from ::ffff:61.12.4.252 port 51059 ssh2
Dec 25 09:08:49 cpanel sshd[6390]: Failed password for invalid user library from ::ffff:61.12.4.252 port 51059 ssh2
Dec 25 09:08:49 cpanel sshd[6390]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:50 cpanel sshd[6391]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51131 ssh2
Dec 25 09:08:50 cpanel sshd[6392]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51131 ssh2
Dec 25 09:08:50 cpanel sshd[6392]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:51 cpanel sshd[6402]: Invalid user linux from ::ffff:61.12.4.252
Dec 25 03:08:51 cpanel sshd[6402]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:51 cpanel sshd[6393]: Failed password for invalid user info from ::ffff:61.12.4.252 port 51148 ssh2
Dec 25 09:08:51 cpanel sshd[6396]: Failed password for invalid user info from ::ffff:61.12.4.252 port 51148 ssh2
Dec 25 03:08:51 cpanel sshd[6395]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51157 ssh2
Dec 25 09:08:51 cpanel sshd[6401]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51157 ssh2
Dec 25 09:08:51 cpanel sshd[6396]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 09:08:51 cpanel sshd[6401]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:52 cpanel sshd[6406]: Invalid user info from ::ffff:61.12.4.252
Dec 25 03:08:52 cpanel sshd[6406]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:52 cpanel sshd[6404]: Invalid user info from ::ffff:61.12.4.252
Dec 25 03:08:52 cpanel sshd[6404]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:53 cpanel sshd[6408]: Invalid user linux from ::ffff:61.12.4.252
Dec 25 03:08:53 cpanel sshd[6408]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:53 cpanel sshd[6402]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51183 ssh2
Dec 25 09:08:53 cpanel sshd[6403]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51183 ssh2
Dec 25 09:08:53 cpanel sshd[6403]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:53 cpanel sshd[6410]: Invalid user shell from ::ffff:61.12.4.252
Dec 25 03:08:53 cpanel sshd[6410]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:54 cpanel sshd[6411]: Invalid user linux from ::ffff:61.12.4.252
Dec 25 03:08:54 cpanel sshd[6411]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:54 cpanel sshd[6406]: Failed password for invalid user info from ::ffff:61.12.4.252 port 51200 ssh2
Dec 25 09:08:54 cpanel sshd[6407]: Failed password for invalid user info from ::ffff:61.12.4.252 port 51200 ssh2
Dec 25 03:08:54 cpanel sshd[6404]: Failed password for invalid user info from ::ffff:61.12.4.252 port 51189 ssh2
Dec 25 09:08:54 cpanel sshd[6405]: Failed password for invalid user info from ::ffff:61.12.4.252 port 51189 ssh2
Dec 25 09:08:54 cpanel sshd[6407]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:55 cpanel sshd[6408]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51212 ssh2
Dec 25 09:08:55 cpanel sshd[6409]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51212 ssh2
Dec 25 09:08:55 cpanel sshd[6409]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 09:08:56 cpanel sshd[6405]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:56 cpanel sshd[6414]: Invalid user unix from ::ffff:61.12.4.252
Dec 25 03:08:56 cpanel sshd[6414]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:56 cpanel sshd[6410]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51231 ssh2
Dec 25 09:08:56 cpanel sshd[6412]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51231 ssh2
Dec 25 09:08:56 cpanel sshd[6412]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:56 cpanel sshd[6411]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51238 ssh2
Dec 25 09:08:56 cpanel sshd[6413]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51238 ssh2
Dec 25 09:08:56 cpanel sshd[6413]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:57 cpanel sshd[6416]: Invalid user shell from ::ffff:61.12.4.252
Dec 25 03:08:57 cpanel sshd[6416]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:58 cpanel sshd[6418]: Invalid user unix from ::ffff:61.12.4.252
Dec 25 03:08:58 cpanel sshd[6418]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:58 cpanel sshd[6414]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51271 ssh2
Dec 25 09:08:58 cpanel sshd[6415]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51271 ssh2
Dec 25 03:08:58 cpanel sshd[6419]: Invalid user shell from ::ffff:61.12.4.252
Dec 25 03:08:58 cpanel sshd[6419]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 09:08:58 cpanel sshd[6415]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:08:59 cpanel sshd[6422]: Invalid user linux from ::ffff:61.12.4.252
Dec 25 03:08:59 cpanel sshd[6422]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:08:59 cpanel sshd[6416]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51287 ssh2
Dec 25 09:08:59 cpanel sshd[6417]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51287 ssh2
Dec 25 09:09:00 cpanel sshd[6417]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:00 cpanel sshd[6418]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51306 ssh2
Dec 25 09:09:00 cpanel sshd[6420]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51306 ssh2
Dec 25 09:09:00 cpanel sshd[6420]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:00 cpanel sshd[6419]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51309 ssh2
Dec 25 09:09:00 cpanel sshd[6421]: Failed password for invalid user shell from ::ffff:61.12.4.252 port 51309 ssh2
Dec 25 03:09:01 cpanel sshd[6426]: Invalid user webadmin from ::ffff:61.12.4.252
Dec 25 03:09:01 cpanel sshd[6426]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 09:09:01 cpanel sshd[6421]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:01 cpanel sshd[6422]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51319 ssh2
Dec 25 09:09:01 cpanel sshd[6423]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51319 ssh2
Dec 25 09:09:01 cpanel sshd[6423]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:02 cpanel sshd[6428]: Invalid user linux from ::ffff:61.12.4.252
Dec 25 03:09:02 cpanel sshd[6428]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:03 cpanel sshd[6426]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51353 ssh2
Dec 25 09:09:03 cpanel sshd[6427]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51353 ssh2
Dec 25 03:09:03 cpanel sshd[6451]: Invalid user webadmin from ::ffff:61.12.4.252
Dec 25 03:09:03 cpanel sshd[6451]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 09:09:03 cpanel sshd[6427]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:04 cpanel sshd[6428]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51370 ssh2
Dec 25 09:09:04 cpanel sshd[6429]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51370 ssh2
Dec 25 09:09:05 cpanel sshd[6429]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:05 cpanel sshd[6453]: Invalid user linux from ::ffff:61.12.4.252
Dec 25 03:09:05 cpanel sshd[6453]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:05 cpanel sshd[6451]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51385 ssh2
Dec 25 09:09:05 cpanel sshd[6452]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51385 ssh2
Dec 25 03:09:05 cpanel sshd[6455]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:05 cpanel sshd[6424]: Invalid user unix from ::ffff:61.12.4.252
Dec 25 03:09:05 cpanel sshd[6424]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 09:09:06 cpanel sshd[6452]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:06 cpanel sshd[6457]: Invalid user unix from ::ffff:61.12.4.252
Dec 25 03:09:06 cpanel sshd[6457]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:07 cpanel sshd[6459]: Invalid user unix from ::ffff:61.12.4.252
Dec 25 03:09:07 cpanel sshd[6459]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:07 cpanel sshd[6453]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51391 ssh2
Dec 25 09:09:07 cpanel sshd[6454]: Failed password for invalid user linux from ::ffff:61.12.4.252 port 51391 ssh2
Dec 25 09:09:08 cpanel sshd[6454]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:08 cpanel sshd[6455]: Failed password for ftp from ::ffff:61.12.4.252 port 51428 ssh2
Dec 25 09:09:08 cpanel sshd[6456]: Failed password for ftp from ::ffff:61.12.4.252 port 51428 ssh2
Dec 25 03:09:08 cpanel sshd[6424]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51326 ssh2
Dec 25 09:09:08 cpanel sshd[6425]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51326 ssh2
Dec 25 09:09:08 cpanel sshd[6425]: Connection closed by ::ffff:61.12.4.252
Dec 25 09:09:08 cpanel sshd[6456]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:09 cpanel sshd[6457]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51397 ssh2
Dec 25 09:09:09 cpanel sshd[6458]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51397 ssh2
Dec 25 03:09:09 cpanel sshd[6461]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 09:09:09 cpanel sshd[6458]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:09 cpanel sshd[6459]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51459 ssh2
Dec 25 09:09:09 cpanel sshd[6460]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51459 ssh2
Dec 25 09:09:10 cpanel sshd[6460]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:10 cpanel sshd[6463]: Invalid user unix from ::ffff:61.12.4.252
Dec 25 03:09:10 cpanel sshd[6463]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:10 cpanel sshd[6465]: Invalid user test from ::ffff:61.12.4.252
Dec 25 03:09:10 cpanel sshd[6465]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:11 cpanel sshd[6467]: Invalid user webadmin from ::ffff:61.12.4.252
Dec 25 03:09:11 cpanel sshd[6467]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:11 cpanel sshd[6461]: Failed password for ftp from ::ffff:61.12.4.252 port 51474 ssh2
Dec 25 09:09:11 cpanel sshd[6462]: Failed password for ftp from ::ffff:61.12.4.252 port 51474 ssh2
Dec 25 09:09:12 cpanel sshd[6462]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:12 cpanel sshd[6469]: Invalid user webadmin from ::ffff:61.12.4.252
Dec 25 03:09:12 cpanel sshd[6469]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:12 cpanel sshd[6463]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51513 ssh2
Dec 25 09:09:12 cpanel sshd[6464]: Failed password for invalid user unix from ::ffff:61.12.4.252 port 51513 ssh2
Dec 25 09:09:13 cpanel sshd[6464]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:13 cpanel sshd[6465]: Failed password for invalid user test from ::ffff:61.12.4.252 port 51518 ssh2
Dec 25 09:09:13 cpanel sshd[6466]: Failed password for invalid user test from ::ffff:61.12.4.252 port 51518 ssh2
Dec 25 09:09:13 cpanel sshd[6466]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:14 cpanel sshd[6467]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51530 ssh2
Dec 25 09:09:14 cpanel sshd[6468]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51530 ssh2
Dec 25 09:09:14 cpanel sshd[6468]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:14 cpanel sshd[6469]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51544 ssh2
Dec 25 09:09:14 cpanel sshd[6470]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51544 ssh2
Dec 25 09:09:15 cpanel sshd[6470]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:16 cpanel sshd[6474]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:17 cpanel sshd[6471]: Invalid user test from ::ffff:61.12.4.252
Dec 25 03:09:17 cpanel sshd[6471]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:17 cpanel sshd[6476]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:18 cpanel sshd[6474]: Failed password for root from ::ffff:61.12.4.252 port 51609 ssh2
Dec 25 09:09:18 cpanel sshd[6475]: Failed password for root from ::ffff:61.12.4.252 port 51609 ssh2
Dec 25 09:09:18 cpanel sshd[6475]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:18 cpanel sshd[6472]: Invalid user webadmin from ::ffff:61.12.4.252
Dec 25 03:09:18 cpanel sshd[6472]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:19 cpanel sshd[6471]: Failed password for invalid user test from ::ffff:61.12.4.252 port 51578 ssh2
Dec 25 09:09:19 cpanel sshd[6478]: Failed password for invalid user test from ::ffff:61.12.4.252 port 51578 ssh2
Dec 25 03:09:20 cpanel sshd[6476]: Failed password for ftp from ::ffff:61.12.4.252 port 51624 ssh2
Dec 25 09:09:20 cpanel sshd[6477]: Failed password for ftp from ::ffff:61.12.4.252 port 51624 ssh2
Dec 25 09:09:20 cpanel sshd[6478]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 09:09:20 cpanel sshd[6477]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:21 cpanel sshd[6481]: Invalid user admin from ::ffff:61.12.4.252
Dec 25 03:09:21 cpanel sshd[6481]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:21 cpanel sshd[6472]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51599 ssh2
Dec 25 09:09:21 cpanel sshd[6473]: Failed password for invalid user webadmin from ::ffff:61.12.4.252 port 51599 ssh2
Dec 25 09:09:21 cpanel sshd[6473]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:22 cpanel sshd[6479]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:22 cpanel sshd[6483]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:23 cpanel sshd[6481]: Failed password for invalid user admin from ::ffff:61.12.4.252 port 51689 ssh2
Dec 25 09:09:23 cpanel sshd[6482]: Failed password for invalid user admin from ::ffff:61.12.4.252 port 51689 ssh2
Dec 25 09:09:23 cpanel sshd[6482]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:24 cpanel sshd[6479]: Failed password for ftp from ::ffff:61.12.4.252 port 51640 ssh2
Dec 25 09:09:24 cpanel sshd[6480]: Failed password for ftp from ::ffff:61.12.4.252 port 51640 ssh2
Dec 25 09:09:24 cpanel sshd[6480]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:25 cpanel sshd[6483]: Failed password for root from ::ffff:61.12.4.252 port 51719 ssh2
Dec 25 09:09:25 cpanel sshd[6484]: Failed password for root from ::ffff:61.12.4.252 port 51719 ssh2
Dec 25 09:09:25 cpanel sshd[6484]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:25 cpanel sshd[6485]: Invalid user test from ::ffff:61.12.4.252
Dec 25 03:09:25 cpanel sshd[6485]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:27 cpanel sshd[6488]: Invalid user test from ::ffff:61.12.4.252
Dec 25 03:09:27 cpanel sshd[6488]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:28 cpanel sshd[6491]: Invalid user admin from ::ffff:61.12.4.252
Dec 25 03:09:28 cpanel sshd[6491]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:28 cpanel sshd[6487]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:28 cpanel sshd[6485]: Failed password for invalid user test from ::ffff:61.12.4.252 port 51721 ssh2
Dec 25 09:09:28 cpanel sshd[6486]: Failed password for invalid user test from ::ffff:61.12.4.252 port 51721 ssh2
Dec 25 09:09:28 cpanel sshd[6486]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:29 cpanel sshd[6493]: Invalid user guest from ::ffff:61.12.4.252
Dec 25 03:09:29 cpanel sshd[6493]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:29 cpanel sshd[6488]: Failed password for invalid user test from ::ffff:61.12.4.252 port 51780 ssh2
Dec 25 09:09:29 cpanel sshd[6490]: Failed password for invalid user test from ::ffff:61.12.4.252 port 51780 ssh2
Dec 25 09:09:29 cpanel sshd[6490]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:30 cpanel sshd[6491]: Failed password for invalid user admin from ::ffff:61.12.4.252 port 51796 ssh2
Dec 25 09:09:30 cpanel sshd[6492]: Failed password for invalid user admin from ::ffff:61.12.4.252 port 51796 ssh2
Dec 25 03:09:30 cpanel sshd[6487]: Failed password for ftp from ::ffff:61.12.4.252 port 51741 ssh2
Dec 25 09:09:30 cpanel sshd[6489]: Failed password for ftp from ::ffff:61.12.4.252 port 51741 ssh2
Dec 25 09:09:30 cpanel sshd[6492]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 09:09:30 cpanel sshd[6489]: Received disconnect from ::ffff:61.12.4.252: 11: Bye Bye
Dec 25 03:09:31 cpanel sshd[6493]: Failed password for invalid user guest from ::ffff:61.12.4.252 port 51772 ssh2
Dec 25 09:09:31 cpanel sshd[6494]: Failed password for invalid user guest from ::ffff:61.12.4.252 port 51772 ssh2
Dec 25 09:09:33 cpanel sshd[6494]: Connection closed by ::ffff:61.12.4.252
Dec 25 03:09:34 cpanel sshd[6499]: Invalid user test from ::ffff:61.12.4.252
Dec 25 03:09:34 cpanel sshd[6499]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!
Dec 25 03:09:34 cpanel sshd[6497]: Address 61.12.4.252 maps to www.amnetsys.com, but this does not map back to the address -

I am trying to get a OpenSSH Public Key Authentication running which i am learning still and hopefully that stops this from happening.

Use the "AllowUsers" directive in sshd_config. Add only the authorized users. All other users will be denied access. That includes system users that a script kiddie will bang against.

It is a good idea to not allow root logins to ssh as well.

Can you explain to me how i can do that? Thank You.

Put the following line in /etc/ssh/sshd_config and restart sshd:
Where "bob", "alice", and "charlie" are the names of the users who actually need to use SSH to log in. Don't actually use bob, alice, etc, put in the names of your accounts that log in.

Once you get public key authentication working, make sure to put:
in you sshd_config as well (and restart it).

I know that I personally have posted instructions on this board several times for setting up public key authentication and exchanging keys. Just do a search.

Thank You jschiwal and chort. I found out from my Tech Support that i can add an ip range also that will allow just my ip address and i will do that using your method. As for the public key authentication i don't think i will be using that since they key creating is a big issue since you have to create it on your own machine with linux on there. Thanks Once Again.

That's not true. PuTTY is a free set of SSH utilities for Windows that will allow you to create a private/public key pair (puttygen). When you generate a key the top part of the window shows the OpenSSH format of the public key. You can copy that and paste it onto the target Linux box into a file and you save that as ~/.ssh/authorized_keys. Then you can select the private key to use in PuTTY for authentication.

Change the defult port 22 to a empty port larger than 32767 is soundly a good way to get rid of most of common scanners.

I asked my support about putty before you mentioned it because i heard from somewhere that it can generate they key and they said the following to me

The key can be generated on a system with Openssh running as you have to use the ssh -keygen to generate the key.You may use a linux machine with Openssh running in it.The key generation cannot be done in putty.

I already have the program on my computer i use it to login into my servers.

The idea of changing ports is not really that good because the person scans alot of ports and sooner or later he would have found the correct one and then took over the server.

Anyways i think we have resolved this issue my support added TCP Wrapper's on my SSH only allowing my ip address range on there and the rest basically are banned so the server is secure now and i haven't had anyone trying to break in.