Is your Ubuntu or Debian server experiencing brute-force attacks on SSH? In this article I am explaining how to secure your server against SSH attacks with fail2ban on Ubuntu and its derivatives (like Mint), as well as on Debian.
If you are looking for instruction for CentOS, see my other post.
fail2ban is a special software that is installed on a server to block intruders’ IP addresses after exceeding configured amount of failed login attempts.
fail2ban SSH on Ubuntu / Debian / Mint
Installation and configuration of fail2ban for SSH is very simple.
First we have to install required fail2ban meta-package:
Next, we have to create a configure file protect SSH with fail2ban. Create /etc/fail2ban/jail.d/ssh.local file and put the following content inside:
Save the file and then execute service fail2ban start command. Now you have installed, configured and started fail2ban SSH protection!
Don’t forget to make fail2ban to start at boot time with following command:
Learn more about Ubuntu