In an effort to decrease the likelihood of a successful brute force crack attempt, I have severely increased the ban times for repeated attempts. I ban the attacking IP for a year after the second time it trips a ban.
There isn’t a lot more you can do except to change the ports you’re using to something other than the standard port numbers.
The number of crack attempts used to bother me until I noticed that most of them attempting to gain access via “standard” user names, none of which I use, and I disabled root access. As long as you have a strong password or use public key access, you shouldn’t have much to worry about. The only other thing then was the number of ban notification emails I was getting. I now just automatically file those for reference, so I don’t see them unless I want to, and I really don’t think about them much anymore.