That parameter does stop the initial session, carpetsmoker. Big deal... the script kiddies just reestablish another TCP session and continue, no time really lost.
Modern ssh attack scripts attempt to brute force password authentication anyway, even if you have it disabled in sshd_config. So I also use PF to block scripted attacks and log the blocked IPs in a database. If you're blocked at my servers, I can give you a reason and a date/time of the misbehavior.
|