HOME
art gallery Linkedin GitHub Donations Our Recommendations
Login
Hashcat Cold Storage Premium
Info
Vuln Fact Check Server Managment Links
SSH
Auth.log Debug DNS key share Cheatpapper
Encryption
fido2 Twofish serpent .ssh/config cipher set sshd set cipher
Firewall
IP block list Fail2ban fail2ban Config SELinux
Tools
Mpiexec Rsync Mosh Glances SSHFS Tmate autossh XQuartz
VPN
SSH Tunneling Cloudflare Onion Network/Tor sshuttle SSH Proxy Reverse Tunnel SSH Tunnel ssh socksv5 proxy
Keys
CA Info Generate Ed25519 key Certificates keys CA & Host auth Backup Key OTP Hardware key SCP Trezor Ledger Nano X
Tweaks
DNS BASH Zsh ssh client env sshd env config X11
Configfiles
sshd, Single Node. sshd, Firewall Single Node. sshd, Cloud Firewall Single Node. sshd, Firewall X11. Win 11 OpenSSH Server

fail2ban config

Note: Tested on Oracle Linux 9 

DEFAULT]
dbmaxmatches = 10
# Ban IP address for 365 days
bantime = 365d
# Number of failed login attempts before banning IP
maxretry = 3
# Ignore IP addresses listed in this file
ignoreip = 127.0.0.1/8 ::1
# Do not send email notifications
action = %(action_)s

[sshd]
# Set the log file path
logpath = /var/log/secure
# Set the default SSH port
port = 22
# Ban IP address for 365 days
bantime = 365d
# Number of failed login attempts before banning IP
maxretry = 3

# Fail2Ban configuration file

[Definition]
# Option:  loglevel
# Notes.:  4 - Debug
#          3 - Info
#          2 - Warning
#          1 - Error
#          0 - Critical
loglevel = 3

# Option:  logtarget
# Notes.:  This is the logtarget definition used by Fail2ban.
#          syslog - Use syslog logging facility.
#          stdout - Use stdout.
#          file   - Use a logfile.
logtarget = /var/log/fail2ban.log

# Option: dbfile
# Notes.: Set the database file name. Default is /var/lib/fail2ban/fail2ban.sqlite3
dbfile = /var/lib/fail2ban/fail2ban.sqlite3

# Option: dbpurgeage
# Notes.: Purge entries older than the time given in seconds (3600 = 1 hour).
dbpurgeage = 86400

# Option: maxretry
# Notes.: Number of retries before the IP is banned.
maxretry = 3

# Option: bantime
# Notes.: Duration in seconds for which the IP is banned.
bantime = 3600

# Option: findtime
# Notes.: The time window in seconds for the maxretry count.
findtime = 600

# Option: backend
# Notes.: Specify the backend used to get files modification.
#          auto - Try to use the best backend.
#          polling - Use polling algorithm (default).
#          gamin - Use Gamin (a file and directory monitoring system).
#          inotify - Use inotify (a file and directory monitoring system available on Linux).
#          auto can be changed to any backend.
backend = auto

[ssh]
# Option:  enabled
# Notes.:  enable or disable the jail.
# Values:  true/false, yes/no, 1/0
enabled = true

# Option:  filter
# Notes.:  source of filter configuration
# Values:   :  or  ; 
filter = sshd

# Option:  port
# Notes.:  Specifies the port for the sshd service.
port = ssh

# Option:  logpath
# Notes.:  Specifies path to the sshd logs.
logpath = /var/log/auth.log

# Option:  maxretry
# Notes.:  Number of failures before banning the IP address.
maxretry = 6

# Option:  bantime
# Notes.:  Length of time that an IP will be banned for (in seconds).
bantime = 600

# Option:  ignoreip
# Notes.:  IP addresses listed here will be ignored and not banned.
ignoreip = 127.0.0.1/8 ::1