Quoting Trent W. Buck (trentbuck@gmail.com):
The plural of anecdote is not data :-)
In that case, I'll point out that I've also adminstered thousands of other people's Linux and Solaris machines on the open Internet for various employers and clients over those same decades, and my experience and that of my co-workers has been as previously indicated with no exceptions. To be quite serious about this for a moment, Internet security is a fascinating and difficult topic, but one of the many ways to go wrong with it is to lose perspective and deploy complex mechanisms to avert non-credible threats. I worry about management blunders; I don't worry about ssh password guessing. ;->
Hey, if what you're doing works for you, great.
Likewise, of course.