this post was submitted on 20 Feb 2024
12 points (92.9% liked)

homelab

6602 readers
1 users here now

founded 4 years ago
MODERATORS
[email protected]
12
Setting up fail2ban on Debian 12 (lemmy.world)
submitted 9 months ago by [email protected] to c/[email protected]
5 comments fedilink hide all child comments
 

I've used fail2ban in the past on Ubuntu, and it was very easy to setup.

Apparently on Debian, there is no /var/log/auth.log, and it does not use iptables, so fail2ban is not seeing the failed login attempts and jailing the purp.

Has anyone set this up successfully before? I see suggestions online to set backend = systemd, but this does not seem to be fixing the issue for me.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 2 points 9 months ago

Oooh, good point. I'm not even sure if I should be using this with cert only based auth

It does usually not make sense to use fail2ban with e.g sshd when only public key authentication or similar is enabled.