Debian11+通用,未测试其他发行版本。按理说Ubuntu也通用。太老的发行版不可以这样操作。
安装
apt install fail2ban -y
编辑配置
nano /etc/fail2ban/jail.local
粘贴下面的配置文件:
[sshd]
enabled = true
# To use more aggressive sshd modes set filter parameter “mode” in jail.local:
# normal (default), ddos, extra or aggressive (combines all).
# See “tests/files/logs/sshd” or “filter.d/sshd.conf” for usage example and details.
#mode = normal
port = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s
[DEFAULT]
backend = systemd
然后重启服务
systemctl restart fail2ban.service
systemctl enable fail2ban.service
查看运行状态
fail2ban-client status
fail2ban-client status sshd