Recently I noticed that someone is constantly trying to log in to root via ssh on my Ubuntu server. I noticed this about a week ago, and it is done from multiple IP addresses. At the very beginning he was trying to reach the most common accounts, but recently he focused on root.
Jan 21 23:55:38 GrXXXXXmp sshd[1566731]: Failed password for invalid user birgit from 125.129.82.220 port 39106 ssh2
Jan 21 23:55:47 GrXXXXXmp sshd[1566733]: Failed password for invalid user wordpress from 5.51.84.107 port 36050 ssh2
Jan 21 23:55:53 GrXXXXXmp sshd[1566737]: Failed password for invalid user test from 103.149.198.24 port 35914 ssh2
Jan 21 23:55:53 GrXXXXXmp sshd[1566735]: Failed password for invalid user user2 from 190.9.130.159 port 37515 ssh2
Jan 21 23:56:03 GrXXXXXmp sshd[1566741]: Failed password for invalid user sshadmin from 43.135.163.185 port 38084 ssh2
Jan 21 23:56:03 GrXXXXXmp sshd[1566739]: Failed password for invalid user wcsuser from 61.19.127.228 port 39448 ssh2
Jan 21 23:56:03 GrXXXXXmp sshd[1566743]: Failed password for invalid user phpmyadmin from 147.182.247.29 port 35134 ssh2
...
Jan 26 12:13:51 GrXXXXXmp sshd[1687744]: Failed password for root from 45.158.181.150 port 56728 ssh2
Jan 26 12:14:24 GrXXXXXmp sshd[1687873]: Failed password for root from 122.155.166.78 port 41422 ssh2
Jan 26 12:14:56 GrXXXXXmp sshd[1687880]: Failed password for root from 45.158.181.150 port 43194 ssh2
Jan 26 12:15:44 GrXXXXXmp sshd[1687890]: Failed password for root from 122.155.166.78 port 37962 ssh2
Jan 26 12:16:15 GrXXXXXmp sshd[1687913]: Failed password for root from 45.158.181.150 port 57896 ssh2
Jan 26 12:17:03 GrXXXXXmp sshd[1687918]: Failed password for root from 122.155.166.78 port 34108 ssh2
Jan 26 12:17:23 GrXXXXXmp sshd[1687923]: Failed password for root from 45.158.181.150 port 44366 ssh2
I've got a non-standard ssh port configured.
Generally I can make a list of these addresses and lock them by hosts.deny and reduce MaxTries in the ssh configuration. However, I am just wondering whether someone has more experience with how to fight such an attack?
This looks like an SSH brute-force attack.
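Added example, not part of the original thread: a small Python parser that turns the "Failed password" lines quoted in the question into a per-address failure count, which is the list of addresses the question talks about building. The function names and the threshold of 3 are assumptions chosen for illustration; the last sample line is constructed to show why the pattern is anchored to the end of the line.

```python
import re
from collections import Counter, defaultdict

# The username is attacker-controlled and may itself contain " from <ip> port <n>",
# so the user group is greedy and the pattern is anchored at the end of the line:
# the address that is captured is always the one sshd wrote, not one in the name.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?"
    r"(?P<user>.*) from (?P<ip>\S+) port \d+ ssh2$"
)

def summarize(lines):
    """Return (failures per source address, usernames tried per address)."""
    per_ip = Counter()
    users = defaultdict(set)
    for line in lines:
        m = FAILED.search(line.rstrip())
        if m:  # ignore anything that is not a failed-password event
            per_ip[m["ip"]] += 1
            users[m["ip"]].add(m["user"])
    return per_ip, users

def repeat_offenders(lines, threshold=3):
    """Addresses with at least `threshold` failures, most active first."""
    per_ip, _ = summarize(lines)
    return [(ip, n) for ip, n in per_ip.most_common() if n >= threshold]

# Sample input: lines copied from the question, plus one constructed last line
# whose username tries to smuggle in a different source address.
SAMPLE = """\
Jan 21 23:55:38 GrXXXXXmp sshd[1566731]: Failed password for invalid user birgit from 125.129.82.220 port 39106 ssh2
Jan 21 23:55:47 GrXXXXXmp sshd[1566733]: Failed password for invalid user wordpress from 5.51.84.107 port 36050 ssh2
Jan 26 12:13:51 GrXXXXXmp sshd[1687744]: Failed password for root from 45.158.181.150 port 56728 ssh2
Jan 26 12:14:24 GrXXXXXmp sshd[1687873]: Failed password for root from 122.155.166.78 port 41422 ssh2
Jan 26 12:14:56 GrXXXXXmp sshd[1687880]: Failed password for root from 45.158.181.150 port 43194 ssh2
Jan 26 12:15:44 GrXXXXXmp sshd[1687890]: Failed password for root from 122.155.166.78 port 37962 ssh2
Jan 26 12:16:15 GrXXXXXmp sshd[1687913]: Failed password for root from 45.158.181.150 port 57896 ssh2
Jan 26 12:17:03 GrXXXXXmp sshd[1687918]: Failed password for root from 122.155.166.78 port 34108 ssh2
Jan 26 12:17:23 GrXXXXXmp sshd[1687923]: Failed password for root from 45.158.181.150 port 44366 ssh2
Jan 26 12:18:00 GrXXXXXmp sshd[1]: Failed password for invalid user x from 10.0.0.1 port 22 ssh2 from 203.0.113.7 port 4000 ssh2
""".splitlines()

if __name__ == "__main__":
    for ip, n in repeat_offenders(SAMPLE):
        print(f"{ip}\t{n} failed logins")
```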