this post was submitted on 20 Feb 2024
12 points (92.9% liked)

homelab

6648 readers
21 users here now

founded 4 years ago
MODERATORS
 

I've used fail2ban in the past on Ubuntu, and it was very easy to setup.

Apparently on Debian, there is no /var/log/auth.log, and it does not use iptables, so fail2ban is not seeing the failed login attempts and jailing the purp.

Has anyone set this up successfully before? I see suggestions online to set backend = systemd, but this does not seem to be fixing the issue for me.

you are viewing a single comment's thread
view the rest of the comments
[–] root@lemmy.world 1 points 9 months ago (1 children)

Thank you, I might give this a try tomorrow. I thought I read something similar, but that it would require you to take care of log rotation as well otherwise they would just grow. Not sure how true that is.

[–] tvcvt@lemmy.ml 2 points 9 months ago

There’s a utility called logrotate that should take care of the log rotation for you.

Good luck getting it all set up.