If you're looking for an SSH jail I think the Arch docs are going to be relevant, as it looks like it's configured much differently with systemd.
this post was submitted on 20 Feb 2024
12 points (92.9% liked)
homelab
6646 readers
31 users here now
founded 4 years ago
MODERATORS
Oooh, good point. I'm not even sure if I should be using this with cert only based auth
It does usually not make sense to use fail2ban with e.g sshd when only public key authentication or similar is enabled.
I think you can deal with this by installing either rsyslog
or syslog-ng
and iptables
. They all should be in the repos. Once you’ve go those set up it should supersede the equivalent systemd
utilities.
Thank you, I might give this a try tomorrow. I thought I read something similar, but that it would require you to take care of log rotation as well otherwise they would just grow. Not sure how true that is.
There’s a utility called logrotate
that should take care of the log rotation for you.
Good luck getting it all set up.