fruworg.github.io/content/posts/ssh-fail2ban.md

---
title: fail2ban для SSH
description: Защита от брута пароля к SSH
date: 2022-11-29T13:41:00+05:00
tags: [linux, ssh]
---
## Установка пакета fail2ban
```shell
apt -y install fail2ban
```

## Правило для ssh
``` shell
[sshd]
enabled  = true
port     = <ssh-port>
filter   = sshd
logpath  = /var/log/auth.log
maxretry = 3
findtime = 300
bantime  = 3600

# /etc/fail2ban/jail.d/sshd.conf
```

## Перезапуск сервиса fail2ban
```shell
systemctl restart fail2ban
```
Committer: fruworg <im@fruw.org> On branch main Your branch is up to date with 'origin/main'. Changes to be committed: new file: .gitmodules new file: archetypes/default.md new file: config.toml new file: content/posts/ald-pro.md new file: content/posts/astra-fly.md new file: content/posts/astra-freeipa.md new file: content/posts/bareos-install.md new file: content/posts/cifs-automount.md new file: content/posts/create-user-keytab.md new file: content/posts/create-user-keytab.md.save new file: content/posts/dhcp-resolv.md new file: content/posts/github-ssh-auth.md new file: content/posts/ip-command.md new file: content/posts/linux-krb5.md new file: content/posts/linux-network.md new file: content/posts/linux-nfs.md.save new file: content/posts/linux-packages-rebuild.md new file: content/posts/lvm-base-commands.md new file: content/posts/pfx-to-pem.md new file: content/posts/pg-probackup-setup.md.save new file: content/posts/pg-probackup-setup.md.save.1 new file: content/posts/postgres-drop-db.md new file: content/posts/postgres-krb5.md new file: content/posts/postgres-ldaps.md new file: content/posts/postgres-pro-astra-se.md new file: content/posts/postgres-replication.md new file: content/posts/postgres-simple-backup.md new file: content/posts/postgres-tls.md new file: content/posts/reverse-shell-nc.md new file: content/posts/run-nologin.md new file: content/posts/security-solutions.md new file: content/posts/selfsigned-to-trusted.md new file: content/posts/ssh-2fa-totp.md new file: content/posts/ssh-auth-by-key.md new file: content/posts/ssh-fail2ban.md new file: content/posts/vmware-clipboard.md new file: content/posts/vmware-restart-date.md new file: content/posts/windows-disable-shutdown.md new file: static/0x952C15AB751A65F6 new file: static/favicon.ico new file: static/fruworg.png new file: themes/archie Changes not staged for commit: modified: themes/archie (modified content) 2023-07-26 18:55:24 +03:00			`---`
			`title: fail2ban для SSH`
			`description: Защита от брута пароля к SSH`
			`date: 2022-11-29T13:41:00+05:00`
			`tags: [linux, ssh]`
			`---`
			`## Установка пакета fail2ban`
			```shell
			`apt -y install fail2ban`
			```

			`## Правило для ssh`
			``` shell
			`[sshd]`
			`enabled = true`
			`port = <ssh-port>`
			`filter = sshd`
			`logpath = /var/log/auth.log`
			`maxretry = 3`
			`findtime = 300`
			`bantime = 3600`

			`# /etc/fail2ban/jail.d/sshd.conf`
			```

			`## Перезапуск сервиса fail2ban`
			```shell
			`systemctl restart fail2ban`
			```