Gentoo, fail2ban and ssh – no OOTB experience

Spread the love

environment gentoo, fail2ban >0.8

problem drop ip packets from host that failed to authenticate via ssh

solution

1. emerge fail2ban
2. edit /etc/fail2ban/jail.conf

Look for [ssh-iptables] and fix:

enabled = true
logpath = /var/log/messages

If you want emails, fix 'dest='.

debugging/monitoring

Nice summary

/usr/bin/fail2ban-client status ssh-iptables

Leave a Reply