Honeypot analysis - Looking closer at SSH scans (user and passwords used)

Good job researching those pesky brute force scans. Is there anyway you can post the complete list with all the data collected instead of just the top 50?

Nice analysis.<p>[advice for those not doing it right]: if your sshd config allows id/pw login, turn this off and only use kays. Also, move your sshd listener port to something besides 22 to eliminate most of the bot login attempts in your log files.

I wonder if the lack of root:alpine and mobile:dottie indicates the attack tools are smart enough to know the OS of the box they're attacking, or just a lack of interest in owning jailbroken iPhones?