[Updated 21/12/2011] SSH Protection

Users tips and ideas

Moderators: FlorianB, Pascal, bourgeois, mentor

screwloose
Posts: 29
Joined: Sun Dec 18, 2011 9:46 am
How did you hear about Mailcleaner: google

[Updated 21/12/2011] SSH Protection

Postby screwloose » Mon Dec 19, 2011 1:37 am

Hey Guys,

Not sure if there is any built-in protection for SSH.
I normally use fail2ban so here is how to add it.

apt-get install fail2ban

Edit the config file for your email address

nano /etc/fail2ban/jail.conf

Restart the service

/etc/init.d/fail2ban restart

Check that its working

fail2ban-regex /var/log/auth.log /etc/fail2ban/filter.d/sshd.conf

Thats it! Should be protected from SSH attacks.
Last edited by screwloose on Wed Dec 21, 2011 3:46 am, edited 1 time in total.
screwloose
Posts: 29
Joined: Sun Dec 18, 2011 9:46 am
How did you hear about Mailcleaner: google

Re: SSH Protection

Postby screwloose » Wed Dec 21, 2011 3:46 am

It would appear that fail2ban has some issues setting the IP table rules when trying to ban an IP.
So instead I changed to DenyHosts

If you installed fail2ban already just type
apt-get remove fail2ban

Install DenyHosts
apt-get install denyhosts

Edit the conf file, set your email address
nano /etc/denyhosts.conf

Restart the service
/etc/init.d/denyhosts restart

Then your done :)

Return to “Tips”

Who is online

Users browsing this forum: No registered users and 1 guest