As a concept, I could agree. However, that particular service isn’t practical. SSH is one of the most attacked services that exists, and the security implications are too great. Many administrators do not leave the service available to all, having restricted it in some way. Although the test could be opened to just the IPv6 range of 2001:470::/48 and only during the test, you all would be counting on HE not getting hacked. Knowledge of the test being from that IPv6 subnet would get out to the public and HE become a greater target.
On my collocated systems, those attempting SSH without the proper sequence go straight to my TCP tarpit (level 1). I typically have about 800 systems via IPv4 in level 1, which times out, and 200 in level 2, which clears on reboot or manual intervention only, at any one time. Level 2 is entered when a system (by IP) has misbehaved over a certain count of actions. Actions include accessing closed (or protected) ports, Xmas-tree TCP packets, TCP to multicast addresses, etc.... I also get a handful or 2 of IPv6 bad actors, but most hacks come via IPv4.
Find another service to test.