I see things like this in my /var/log/auth.log
sshd[2173]: Unable to negotiate with 218.92.0.205 port 21029: no matching host key type found. Their offer: ssh-rsa,ssh-dss [preauth]
sshd[1964]: Unable to negotiate with 218.92.0.205 port 26342: no matching host key type found. Their offer: ssh-rsa,ssh-dss [preauth]
sshd[3031]: Unable to negotiate with 218.92.0.205 port 25903: no matching host key type found. Their offer: ssh-rsa,ssh-dss [preauth]
fail2ban doesn't filter these issues.
for reference my jail.local config:
[sshd]
enabled = true
filter = sshd
port = 0:65535
banaction = ufw
bantime = -1
maxretry = 1
logpath = %(sshd_log)s
backend = %(sshd_backend)s
I think I need to update my regex, how can I block this spam?