To protect SSH with Fail2Ban on CentOS 8, you can follow these steps:
- Install Fail2Ban by running the command
sudo yum install fail2ban. - Create a new Fail2Ban configuration file for SSH by running the command
sudo nano /etc/fail2ban/jail.d/sshd.local. - In the file, add the following configuration:
[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/secure
maxretry = 3
- Save the file and exit.
- Start the Fail2Ban service by running the command
sudo systemctl start fail2ban. - To make sure that the service starts automatically at boot time, run the command
sudo systemctl enable fail2ban. - To check the status of the service, run the command
sudo systemctl status fail2ban. - To check the banned IPs, run the command
sudo fail2ban-client status sshd
This will configure Fail2Ban to monitor SSH login attempts and ban IPs that exceed the maximum number of retries (3 in this case) specified in the configuration file. It will also make sure that the service starts automatically at boot time and will allow you to check the status of the service and the banned IPs.