1 (edited by haveagoodtime 2021-09-30 16:41:05)

Topic: Updating fail2ban to match changed SSH port

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.4.0
- Deployed with iRedMail Easy or the downloadable installer? .sh
- Linux/BSD distribution name and version: Debian 10
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? no
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I have changed the default SSH port from 22 to a nonstandard port and allowed it through the firewall. (I am aware I could lock access to my IP however I do not have a static IP) I want a fail2ban jail protecting SSH access over this port. I see that fail2ban.local already exists and I see it has a few lines overriding fail2ban.conf so I added:

[sshd]
port = *changed port*

I do not want to edit fail2ban.conf so did I do this correctly? I want to override the port set for the sshd port in fail2ban.conf

Thank you.

2

Re: Updating fail2ban to match changed SSH port

Please update /etc/fail2ban/jail.d/sshd.local instead.

----

Buy me a cup of coffee ($5) to support iRedMail:

buy me a cup of coffee

3 (edited by haveagoodtime 2021-10-08 16:21:40)

Re: Updating fail2ban to match changed SSH port

ZhangHuangbin wrote:

Please update /etc/fail2ban/jail.d/sshd.local instead.

Editing sshd.local and changing the ssh port to the new one for the action value has fixed the issue and banned IPs are now being denied access. Thank you.

Not that it matters since it wasn't working regardless but I'll point out there's a typo in my original post that I just noticed

"I see that fail2ban.local already exists and I see it has a few lines overriding fail2ban.conf so I added:"

Should have said

"I see that jail.local already exists and I see it has a few lines overriding jail.conf so I added:"