December 15, 2022

Secure Your SSH Server with fail2ban

Posted on December 15, 2022  •  1 minute  • 117 words  • Other languages:  Deutsch

Recently, I have been setting up quite a number of new linux servers. A few minutes after they have started, I see attacks on the SSH port in the log files. Consequently, one of the first steps I do on a new server, is to run a little script to install and set up fail2ban for me. This works on Ubuntu machines without changes (20.04, 22.04):

sudo apt update
sudo apt install fail2ban

echo '[sshd]
enabled = true
port    = ssh
filter	= sshd
logpath	= /var/log/auth.log
maxretry = 3
findtime = 300
bantime = 3600
ignoreip = 127.0.0.1' | sudo tee /etc/fail2ban/jail.d/defaults-debian.conf > /dev/null

sudo systemctl enable fail2ban.service
sudo systemctl restart fail2ban.service

sudo fail2ban-client status sshd
By logging in into comments, two cookies will be set! More information in the imprint.
Follow me