Call   0208 3131682   Mon-Fri 9am-6pm
Category

centos

Setting up fail2ban on Centos 7 – to limit login attempts via SSH

By | centos, fail2ban, linux | No Comments

Using (private/public) keys to restrict access is definitely the best way to secure access to a server via SSH.

However it can be abit of pain if multiple people need access and they aren’t that tech savvy.

Another way to secure SSH but not have to worry about keys is by limiting the login attempts and banning a user’s IP address, if they make too many tries in x time period ( i.e. if they try a brute force password attack on you).

One tool for doing this is fail2ban .

Here’s the process:

 

To check fail2ban is working and banning IPs

A handy way for checking if your banned is try to login via SSH until your banned ( will say ‘connection refused’ ).

Then check what your IP (of machine your sat at ), probably as easy as any is use something like whatsmyiup’s site

Get another IP ( if you have a phone and hotspot function connect to that and it will give you a new IP ).

 

Login to ssh ( as you phone IP won’t be banned ), and look in this file for your old banned IP /var/log/fail2ban.log

 

 

References

https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7

https://www.howtoforge.com/tutorial/how-to-install-fail2ban-on-centos/