Fail 2 Ban set time

Hello.
Please help me to increase fail 2 ban jail time for ssh.
I saw in config file that it should not be modified.
So, how can I do it correctly?
Debian 12

Hi @Leonk,

You need to edit this file /etc/fail2ban/jail.local and you will see this block:

[ssh-iptables]
enabled  = true
filter   = sshd
action   = hestia[name=SSH]
logpath  = /var/log/auth.log
maxretry = 5

So you can modify maxretry and add the findtime and bantime directives. The maxretry directive specifies the number of failed login attempts allowed before a ban is triggered. It defines how many times a user can fail to authenticate within a specified period (defined by findtime) before being banned. The bantime directive specifies the duration for which a user will be banned.

Example:

[ssh-iptables]
enabled  = true
filter   = sshd
action   = hestia[name=SSH]
logpath  = /var/log/auth.log
maxretry = 3
findtime = 1h
bantime  = 12h

Once the file has been modified, you must restart the fail2ban service.

systemctl restart fail2ban
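Added example (not part of the original replies and not fail2ban's own code): a simplified sliding-window model in Python of how maxretry, findtime and bantime from the jail above interact, run over constructed auth.log lines. The log lines, the addresses and the names to_seconds, simulate and SAMPLE_LOG are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta

UNITS = {"s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}
# Matches failed SSH password attempts in the constructed log format below.
FAIL_RE = re.compile(r"^(\S+) \S+ sshd\[\d+\]: Failed password for .* from (\S+) port")

def to_seconds(value):
    """Convert '1h', '12h' or plain seconds ('600') to an int (single-unit subset)."""
    m = re.fullmatch(r"(\d+)([smhdw]?)", value.strip())
    if not m:
        raise ValueError(f"unsupported time value: {value!r}")
    return int(m.group(1)) * UNITS[m.group(2) or "s"]

def simulate(lines, maxretry, findtime, bantime):
    """Return (ip, ban_start, ban_end) for every ban the settings would produce."""
    window = timedelta(seconds=to_seconds(findtime))
    ban_len = timedelta(seconds=to_seconds(bantime))
    recent, banned_until, bans = {}, {}, []
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue  # not an authentication failure
        ts, ip = datetime.fromisoformat(m.group(1)), m.group(2)
        if ts < banned_until.get(ip, ts):
            continue  # host is still banned, ignore it
        # Keep only failures that are still inside the findtime window.
        hits = [t for t in recent.get(ip, []) if ts - t <= window] + [ts]
        if len(hits) >= maxretry:
            banned_until[ip] = ts + ban_len
            bans.append((ip, ts, ts + ban_len))
            hits = []
        recent[ip] = hits
    return bans

# Constructed sample lines (documentation addresses), in chronological order.
SAMPLE_LOG = [
    "2024-05-01T08:00:00 srv sshd[90]: Failed password for root from 198.51.100.9 port 40000 ssh2",
    "2024-05-01T09:30:00 srv sshd[91]: Failed password for root from 198.51.100.9 port 40001 ssh2",
    "2024-05-01T10:00:00 srv sshd[92]: Failed password for root from 203.0.113.7 port 40002 ssh2",
    "2024-05-01T10:20:00 srv sshd[93]: Failed password for root from 203.0.113.7 port 40003 ssh2",
    "2024-05-01T10:40:00 srv sshd[94]: Failed password for invalid user admin from 203.0.113.7 port 40004 ssh2",
    "2024-05-01T10:50:00 srv sshd[95]: Accepted password for leon from 192.0.2.10 port 40005 ssh2",
    "2024-05-01T11:00:00 srv sshd[96]: Failed password for root from 198.51.100.9 port 40006 ssh2",
]

if __name__ == "__main__":
    for ip, start, end in simulate(SAMPLE_LOG, 3, "1h", "12h"):
        print(f"{ip} banned from {start} until {end}")
```

With findtime = 1h only the host that fails three times within the hour is banned; the host that spaces its attempts 90 minutes apart is caught only if findtime is widened.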

Thanks!
One more question.
What is [hestia-iptables] for?
Is it for web interface login?

The hestia-iptables service does two things:

$ systemctl cat hestia-iptables.service | grep -E '^Exec'
ExecStartPre=-/usr/local/hestia/bin/v-update-firewall-ipset load
ExecStart=/sbin/iptables-restore --wait=10 /etc/iptables.rules

1.- Load ipsets (if you added them) into the kernel.
2.- Restore iptables rules so they are available every time your server boots.
