De Wiki inetshell
Saltar a: navegación, buscar

https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7

Instalación[editar]

Instalación sobre CentOS / RHEL[editar]

  • Instalar y habilitar fail2ban:
yum install epel-release
yum install fail2ban
systemctl enable fail2ban

Configuración para SSH[editar]

  • Configurar fail2, agregar al archivo /etc/fail2ban/jail.local:
[DEFAULT]
# Ban hosts for one hour:
bantime = 3600

# Override /etc/fail2ban/jail.d/00-firewalld.conf:
banaction = iptables-multiport

[sshd]
enabled = true
  • Aplicar cambios:
systemctl restart fail2ban

Operaciones con Fail2ban[editar]

  • Visualizar hosts bloqueados:
fail2ban-client status
fail2ban-client status sshd