@simpletech
For start checkout public key authentication, don't enable root login, change port to something other than 22 and if you are only person which connects to server check out also IP whitelisting. SSH config file is located in /etc/ssh/sshd_config. IP whitelisting can be done with /etc/hosts.allow and /etc/hosts.deny but there are other ways to do it, fail2ban is one of them