SSH brute force slow down

I have been trying to find a way that I was comfortable with to slow down the brute force SSH attacks.

The only problem was I was not convinced that a script or daemon watching the log files for failed logins was the best way of accomplishing this. I knew that iptables had some limiting functions, but most of my iptables experience had been with simply blocking or unblocking ports.

A Google search turned up this article, with the following iptables rules:

iptables -N SSH_CHECK
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_CHECK
iptables -A SSH_CHECK -m recent --set --name SSH
iptables -A SSH_CHECK -m recent --update --seconds 60 --hitcount 4 \
    --name SSH -j DROP

This appears to be a simple solution that I can live with :)