SSH Login Security with fail2ban on Debian

Secure your SSH logins on Debian with fail2ban. Install and configure fail2ban to protect against brute-force attacks and unauthorized access attempts.

Secure Shell (SSH) is a popular choice for remote access because of its encryption and authentication capabilities. An SSH service that accepts password logins is still exposed to repeated guessing, and fail2ban addresses this by watching the authentication log and temporarily banning addresses that fail to log in too often. This article walks through securing SSH logins with fail2ban on Debian, protecting against brute-force attacks and unauthorized access attempts.

Installation and Configuration:

1. Install fail2ban:

Start by refreshing the package index on your Debian system, then install fail2ban:

sudo apt update
sudo apt install fail2ban

2. Configure fail2ban for SSH:

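Open the local fail2ban configuration file in a text editor. fail2ban reads jail.local after the packaged jail.conf, so settings placed here override the defaults (nano creates the file if it does not exist yet):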

sudo nano /etc/fail2ban/jail.local

3. Add SSH jail configuration:

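Insert the following configuration into the file. With these values, an address that produces 3 failed logins (maxretry) within one day (findtime) is banned for one hour (bantime). The file named in logpath must exist: on Debian installations where sshd logs only to the systemd journal there is no /var/log/auth.log, and the jail has to read from the journal through fail2ban's systemd backend instead.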

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
findtime = 1d
bantime = 1h

4. Save and close the file:

Press Ctrl + X, followed by Y and Enter to save and exit.

5. Restart fail2ban service:

Restart the fail2ban service to apply the changes:

sudo systemctl restart fail2ban

Validation and Monitoring:

1. Check fail2ban status:

Verify that fail2ban is running and monitoring SSH attempts:

sudo fail2ban-client status sshd

2. View banned IP addresses:

To see the list of banned IP addresses, use the command:

sudo fail2ban-client status sshd | grep "Banned IP"

3. Adjust fail2ban settings (optional):

You can customize fail2ban's behavior by modifying its configuration options in /etc/fail2ban/jail.local. Remember to restart the service after any changes.
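
To see how maxretry, findtime and bantime interact before changing them, the following added example (not part of fail2ban or of the original article) models the [sshd] jail's counting over constructed auth.log lines. The regex is a simplified stand-in for fail2ban's sshd filter, and the function name, sample lines and year are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Simplified stand-in for the sshd filter (assumption: the real filter
# matches many more failure messages than "Failed password").
FAIL_RE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (\S+) port"
)
# Constructed sample lines in chronological order (documentation IP ranges).
SAMPLE_LOG = """\
Jan 10 03:14:01 host sshd[1001]: Failed password for root from 203.0.113.7 port 40022 ssh2
Jan 10 03:14:05 host sshd[1002]: Failed password for invalid user admin from 203.0.113.7 port 40030 ssh2
Jan 10 03:14:09 host sshd[1003]: Accepted publickey for alice from 198.51.100.20 port 51000 ssh2
Jan 10 09:30:00 host sshd[1004]: Failed password for alice from 198.51.100.20 port 51010 ssh2
Jan 10 22:00:00 host sshd[1005]: Failed password for root from 203.0.113.7 port 40100 ssh2
Jan 10 22:00:30 host sshd[1006]: Failed password for root from 203.0.113.7 port 40101 ssh2
Jan 12 08:00:00 host sshd[1007]: Failed password for alice from 198.51.100.20 port 51020 ssh2
Jan 12 08:01:00 host sshd[1008]: Failed password for alice from 198.51.100.20 port 51021 ssh2
""".splitlines()

def simulate(lines, maxretry=3, findtime=timedelta(days=1),
             bantime=timedelta(hours=1), year=2024):
    """Return [(ip, ban_start, ban_end)] for the given jail settings."""
    failures = defaultdict(deque)   # ip -> timestamps of counted failures
    banned_until = {}               # ip -> end of the current ban
    bans = []
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue                # successful logins and unrelated lines
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(2)
        if banned_until.get(ip, ts) > ts:
            continue                # still banned: the firewall would drop it
        window = failures[ip]
        window.append(ts)
        while ts - window[0] > findtime:
            window.popleft()        # forget failures older than findtime
        if len(window) >= maxretry:
            banned_until[ip] = ts + bantime
            bans.append((ip, ts, ts + bantime))
            window.clear()
    return bans

if __name__ == "__main__":
    for ip, start, end in simulate(SAMPLE_LOG):
        print(f"{ip} banned {start} -> {end}")
```

With the article's values, 203.0.113.7 is banned on its third failure even though the attempts are 19 hours apart, while the two-day gap between failures from 198.51.100.20 keeps that address under the threshold. Calling simulate with a shorter findtime shows the slow attempts no longer adding up to a ban.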