By default the root user is permitted to login by using password when connecting via ssh. After checking my fail2Ban-Log I always get the feeling, that it absolutely makes sense to deactivate this authentification type.
To do so simply edit /etc/ssh/sshd_config:
#PermitRootLogin yes PermitRootLogin without-password
After restarting the demon root needs to authentify using ssh-keys.
service sshd restart