Fail2Ban Debian Cheat Sheet
apt-get install fail2ban
Set the LogLevel parameter within /etc/ssh/sshd_config from INFO to VERBOSE. This allows fail2ban to read failed login attempts.
Change the action parameter within the jail.conf to action_mwl. Otherwise you will not get any e-mail notification about banned ips.
action = %(action_mwl)s
Finally make sure that your ssh section within jail.conf is enabled and points to the correct logfile.