SSH | Fail2Ban
Install Fail2Ban
Section titled “Install Fail2Ban”1. Update & Install
Section titled “1. Update & Install”sudo apt update && sudo apt install fail2ban -y2. Create config (jail.local)
Section titled “2. Create config (jail.local)”sudo nano /etc/fail2ban/jail.local[DEFAULT]
# block 12 hours (43200 seconds)bantime = 43200
#trial time window (10 minutes)findtime = 600
# max retrymaxretry = 5
# backend logbackend = systemd
# ignore Self IPignoreip = 127.0.0.1/8 ::1
[sshd]
enabled = trueport = 22filter = sshdlogpath = %(sshd_log)smaxretry = 5bantime = 432003. Restart fail2ban
Section titled “3. Restart fail2ban”sudo systemctl restart fail2ban4. Enable auto start
Section titled “4. Enable auto start”sudo systemctl enable fail2ban5. Check status ssh jail
Section titled “5. Check status ssh jail”sudo fail2ban-client status sshd