Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix fail2ban sshd setup in jail.local #1364

Merged
merged 1 commit into from
Dec 11, 2023
Merged

fix fail2ban sshd setup in jail.local #1364

merged 1 commit into from
Dec 11, 2023

Conversation

brookmiles
Copy link
Contributor

Fixes #943 (again)

The previous PR #969 for this setting does remove the error message, but it does so by duplicating the default sshd jail a second time with a different name, and does not enable the ddos filters as intended.

Only a single jail is needed, this PR specifies the aggressive mode, which includes the default filters, plus 'extra' and 'ddos' filters, per the instructions in the fail2ban config files:

# To use more aggressive sshd modes set filter parameter "mode" in jail.local:
# normal (default), ddos, extra or aggressive (combines all).
# See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.
#mode   = normal

# Parameter "mode": normal (default), ddos, extra or aggressive (combines all)
# Usage example (for jail.local):
#   [sshd]
#   mode = extra

@brookmiles
remove fail2ban duplicate sshd jail specification and enable aggressi…
fb61a00 
…ve mode which includes ddos and extra filters
@vercel Vercel
Copy link

vercel bot commented Dec 11, 2023

@brookmiles is attempting to deploy a commit to the Mastodon Team on Vercel.

A member of the Team first needs to authorize it.

@andypiper andypiper self-requested a review December 11, 2023 11:46
@andypiper andypiper self-assigned this Dec 11, 2023
@andypiper andypiper merged commit e21f2fd into mastodon:master Dec 11, 2023
1 check failed
@vmstan vmstan mentioned this pull request Dec 11, 2023
Closed
@brookmiles brookmiles deleted the fix-fail2ban-sshd branch January 10, 2024 07:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@andypiper andypiper andypiper approved these changes

Assignees

@andypiper andypiper

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fail2ban instructions fail with error on Ubuntu 20.04, fail2ban v0.11.1
2 participants
@brookmiles @andypiper