Fail2Ban

Linux tool that protects services against brute-force attacks

SSHD

Configuration of the filter

/etc/fail2ban/filter.d/sshd.conf
[Definition]
# Match authentication failures and capture the source address in <HOST>
failregex = ^(?:error: PAM: )?[Aa]uthentication failure for .* from <HOST>\s*$
ignoreregex =

Configuration of the jail

/etc/fail2ban/jail.conf
[sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
maxretry = 8
findtime = 1d
bantime = 30d
# Bans the address for 30 days after 8 failed attempts within 24 hours
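
The following Python example is added here and is not Fail2Ban's own code: it runs the filter's failregex over constructed log lines and applies the jail's maxretry and findtime to show which addresses would be banned. The IPv4-only `<HOST>` expansion, the line layout (ISO timestamp followed by the message) and the function names are assumptions.

```python
import re
from datetime import datetime, timedelta

# Simplified stand-in for Fail2Ban's <HOST> tag (IPv4 only, an assumption);
# the real expansion also accepts IPv6 addresses and hostnames.
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"
# Note: a class written [A|a] would also accept a literal '|' character.
FAILREGEX = r"^(?:error: PAM: )?[Aa]uthentication failure for .* from <HOST>\s*$"

def compile_failregex(failregex):
    """Expand the <HOST> tag and compile the filter expression."""
    return re.compile(failregex.replace("<HOST>", HOST))

def banned_hosts(lines, failregex=FAILREGEX, maxretry=8, findtime=timedelta(days=1)):
    """Return hosts that reach maxretry matches inside one findtime window."""
    rx = compile_failregex(failregex)
    seen, banned = {}, []
    for line in lines:
        stamp, _, message = line.partition(" ")
        m = rx.search(message)
        if not m:
            continue
        now = datetime.fromisoformat(stamp)
        # Keep only failures still inside the window, then add this one.
        hits = [t for t in seen.get(m["host"], []) if now - t < findtime] + [now]
        seen[m["host"]] = hits
        if len(hits) >= maxretry and m["host"] not in banned:
            banned.append(m["host"])
    return banned

# Constructed sample: 8 failures from 203.0.113.5 within ten minutes,
# 8 failures from 198.51.100.7 spaced two days apart, one successful login.
SAMPLE = (
    [f"2024-05-01T10:{i:02d}:00 error: PAM: Authentication failure for root from 203.0.113.5" for i in range(8)]
    + [f"2024-05-{d:02d}T09:00:00 authentication failure for admin from 198.51.100.7" for d in range(1, 16, 2)]
    + ["2024-05-01T11:00:00 Accepted password for alice from 192.0.2.10"]
)

if __name__ == "__main__":
    print(banned_hosts(SAMPLE))
```

Only the first address is returned: the second one produces the same number of failures, but never 8 of them inside a single findtime window.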
