36 lines
1.0 KiB
Plaintext
36 lines
1.0 KiB
Plaintext
[sshd]
|
|
|
|
# ==========================
|
|
# SSH Jail Configuration
|
|
# ==========================
|
|
|
|
# Enable the SSH jail to monitor and protect against brute-force attacks.
|
|
enabled = true
|
|
|
|
# Port Fail2Ban should monitor for SSH connections.
|
|
# If you run SSH on a custom port, replace 'ssh' with the actual port number (e.g., 2222).
|
|
port = ssh
|
|
|
|
# Filter definition to use.
|
|
# 'sshd' refers to the default filter that matches common SSH authentication failures.
|
|
filter = sshd
|
|
|
|
# Log file location.
|
|
# '%(sshd_log)s' uses the default value set by the system, typically /var/log/auth.log or journalctl.
|
|
logpath = %(sshd_log)s
|
|
|
|
# Backend for reading logs.
|
|
# 'systemd' is recommended if your system uses journalctl for logging.
|
|
backend = systemd
|
|
|
|
# ==========================
|
|
# SSH-Specific Overrides
|
|
# ==========================
|
|
|
|
# Time window to evaluate failed login attempts.
|
|
# If 'maxretry' failures occur within this time, the IP will be banned.
|
|
findtime = 5m
|
|
|
|
# Number of failed attempts allowed before triggering a ban.
|
|
maxretry = 4
|