SSH Login Security with fail2ban on Debian
Secure your SSH logins on Debian with fail2ban. Install and configure fail2ban to protect against brute-force attacks and unauthorized access attempts.
Secure your SSH logins on Debian with fail2ban. Install and configure fail2ban to protect against brute-force attacks and unauthorized access attempts.
In the world of secure remote access, Secure Shell (SSH) has become a popular choice due to its encryption and authentication capabilities. However, to enhance the security of SSH logins on Debian systems, fail2ban provides an effective solution. This article will guide you through the process of securing SSH logins using fail2ban on Debian, ensuring protection against brute-force attacks and unauthorized access attempts.
1. Install fail2ban:
Start by updating your Debian system:
sudo apt update
sudo apt install fail2ban
2. Configure fail2ban for SSH:
Open the fail2ban configuration file in a text editor:
sudo nano /etc/fail2ban/jail.local
3. Add SSH jail configuration:
Insert the following configuration into the file:
[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
findtime = 1d
bantime = 1h
4. Save and close the file:
Press Ctrl + X
, followed by Y
and Enter
to save and exit.
5. Restart fail2ban service:
Restart the fail2ban service to apply the changes:
sudo systemctl restart fail2ban
1. Check fail2ban status:
Verify that fail2ban is running and monitoring SSH attempts:
sudo fail2ban-client status sshd
2. View banned IP addresses:
To see the list of banned IP addresses, use the command:
sudo fail2ban-client status sshd | grep "Banned IP"
3. Adjust fail2ban settings (optional):
You can customize fail2ban's behavior by modifying its configuration options in /etc/fail2ban/jail.local
. Remember to restart the service after any changes.
The DynDNS service of IPv64.net is free of charge and usable in all common routers and systems.
You have the choice between many different domain names.
The IPv64.net Healthchecks monitor your services, servers and endpoints. Receive notifications when your services fail.
This monitoring service is free with all features.
Registration with IPv64 is free of charge and immediately available for you.
Ubiquiti UniFi G3 Flex (UVC-G3-FLEX) ~ 72.79 € Show me | |
Ubiquiti UniFi G5 Bullet (UVC-G5-BULLET) ~ 130.88 € Show me |