Open picatz opened 6 years ago
sudo cp /etc/fail2ban/jail.conf > /etc/fail2ban/jail.local
echo "ignoreip = 10.0.2.15/24" >> /etc/fail2ban/jail.local echo "bantime = 300" >> /etc/fail2ban/jail.local echo "findtime = 600" >> /etc/fail2ban/jail.local echo "logpath = /var/log/secure" >> /etc/fail2ban/jail.local
touch /etc/fail2ban/jail.d/sshd.local
echo "[sshd]" >> /etc/fail2ban/sshd.local echo "enabled = true" >> /etc/fail2ban/sshd.local echo "port = ssh" >> /etc/fail2ban/sshd.local if port is not 22 then change ssh to port number echo "#action = firewallcmd-ipset" >> /etc/fail2ban/sshd.local echo "logpath = %(sshd_log)s" >> /etc/fail2ban/sshd.local echo "maxretry = 5" >> /etc/fail2ban/sshd.local echo "bantime = 600" >> /etc/fail2ban/sshd.local
service fail2ban restart fail2ban-client reload
systemctl enable fail2ban systemctl start fail2ban
cat /var/log/secure | grep 'Failed password'
ignorecommand =
We have
fail2ban
installed -- but not configured.