I installed and configured Fail2Ban first to get some form of protection on the SSH port I am using. Unfortunately, testing shows that it is simply not working. Can someone give me some hints as to what is going on? I have used a non-standard SSH port. Do I need to make Fail2Ban and DenyHosts aware of this?
What is the MINIMAL configuration I need to do so I can test to see if this application is actually blocking failed logins? It’s simply not blocking failed logins. I could try logging in all day, still no banning going on. I am using Centos 6.5.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
You generally need to run either Fail2ban or DenyHosts, but not both. DenyHosts watches the SSH service for failed logins while Fail2ban does that too but can also watch other services as well.
You do need to let fail2ban know about the new SSH port, otherwise it’ll just block connections to port 22 which would not have any effect on the SSH service. The fail2ban SSH config should look like this:
[ssh]
enabled = true
port = 4444
filter = sshd
logpath = /var/log/auth.log
maxretry = 2
Replace 4444 with your SSH port.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.