In vyos1.3, others have submitted an implementation of DDoS attack detection, so I wonder whether it is necessary to implement the attack defense against SSH password probing?
You can put it in the subtree of the following commands, but you may need to write the corresponding Python handler.
set service ids fail2ban ssh