Fail2ban

Some frequently used commands.

1
2
3
journalctl --vacuum-time=1d # delete log
journalctl -u ssh.service |grep Failed > login.log # check log file
fail2ban-client status sshd # Check jail status

Jail config. Write in the jail.local file.

1
2
3
4
5
6
7
8
[sshd]
enabled = true
filter = sshd
port = 18578
maxretry = 3
findtime = 72000
bantime = 2400h
action = %(action_mwl)s