
[Linux] Tool to prevent malicious login in Linux: fail2ban

Last Updated on 2021-06-07 by Clay

Introduction

Anyone who uses computers for long enough will inevitably become the target of a malicious attack at some point. But we have a great tool in Linux: "fail2ban". Fail2ban can stop others from connecting via SSH and trying to crack your password.

So today I am noting down how to use it. If you want a more detailed explanation, you can refer here: https://www.fail2ban.org/wiki/index.php/Main_Page


Instructions

First, install fail2ban with the following command (assuming your package manager is APT).

sudo apt-get install fail2ban

And then back up the settings file.

sudo cp /etc/fail2ban/jail.d/default-debian.conf /etc/fail2ban/jail.d/backup

To change the settings:

sudo vim /etc/fail2ban/jail.d/default-debian.conf

We change the following settings:

[sshd]
enabled = true

To:

[sshd]
enabled = true
bantime = 3600
port = "your port"
maxretry = 3

  • bantime: How long an address stays blocked after failed logins, in seconds.
  • port: The port you connect to SSH on.
  • maxretry: The maximum number of login attempts allowed.
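
To see what maxretry and bantime mean in practice, the following added Python illustration (not fail2ban's own code and not part of the original post) replays constructed sshd log lines through the same counting rule. The findtime window of 600 seconds, the log-line regex, the year used for parsing and the sample addresses are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# maxretry and bantime come from the [sshd] jail above; findtime is assumed.
MAXRETRY, BANTIME, FINDTIME = 3, 3600, 600

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = """\
Jun  7 10:00:01 host sshd[901]: Failed password for root from 203.0.113.5 port 4001 ssh2
Jun  7 10:00:04 host sshd[902]: Failed password for invalid user admin from 203.0.113.5 port 4002 ssh2
Jun  7 10:00:09 host sshd[903]: Failed password for clay from 198.51.100.7 port 5001 ssh2
Jun  7 10:00:12 host sshd[904]: Failed password for root from 203.0.113.5 port 4003 ssh2
Jun  7 10:20:00 host sshd[905]: Failed password for clay from 198.51.100.7 port 5002 ssh2
Jun  7 11:05:00 host sshd[907]: Failed password for root from 203.0.113.5 port 4005 ssh2
"""
FAILED = re.compile(r"^(\w{3}\s+\d+ [\d:]{8}) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")

def simulate(log, maxretry=MAXRETRY, bantime=BANTIME, findtime=FINDTIME, year=2021):
    """Return a list of (time, ip, event) tuples, event being 'ban' or 'unban'."""
    recent = defaultdict(deque)   # ip -> failure timestamps inside findtime
    banned_until = {}             # ip -> time the ban expires
    events = []
    for line in log.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        # Syslog stamps carry no year, so an assumed one is prepended.
        now = datetime.strptime(f"{year} " + " ".join(m.group(1).split()),
                                "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        # Lift any bans that expired before this line was logged.
        for host, until in sorted(banned_until.items(), key=lambda kv: kv[1]):
            if until <= now:
                events.append((until, host, "unban"))
                del banned_until[host]
        if ip in banned_until:
            continue  # already blocked; nothing more to count
        window = recent[ip]
        window.append(now)
        while window and now - window[0] > timedelta(seconds=findtime):
            window.popleft()  # forget failures older than findtime
        if len(window) >= maxretry:
            banned_until[ip] = now + timedelta(seconds=bantime)
            events.append((now, ip, "ban"))
            window.clear()
    return events
```

With the sample lines, 203.0.113.5 is banned on its third failure and released 3600 seconds later, while 198.51.100.7 is never banned because its two failures are further apart than the assumed findtime.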

Restart the service.

sudo /etc/init.d/fail2ban restart

Output:

[ ok ] Restarting fail2ban (via systemctl): fail2ban.service.

Mission completed!
