You just provisioned a fresh Linux server.

I went the tried and trusted SSH key method instead. They can bruteforce me all they want and waste their compute trying.

You might be interested in crowdsec. Joining that your server becomes a honeypot for this kinda bruteforce attack. If they fail a few times their IP gets submitted by your server and banned on all of them. Gets you an automatic banlist before they even reach your server.