#4 No effect on stopping ssh

[William Rogers]

I am trying to use Micro Fail2Ban to lock down SSH after a certain number of attempts. With the default configuration (mf2b.conf), I assume this should happen after 3 attempts and then that user should be banned. That is not happening. I am new to Micro Fail2Ban and hope someone can tell me what I am doing wrong. Thank you.

[Phil]

Hi!

The default configuration assumes that a custom iptables chain named 'f2b' exists. In case you missed it, here's how to create it:

iptables -N f2b

iptables -I INPUT -j f2b

(Repeat the same for IPv6, just using ip6tables instead.)

Another issue might be that the default match expression does not fit your SSHDs log format - in case you're unsure, feel free to paste the output of 'grep "Invalid user" /var/log/auth.log' here and I'll have a look.

Cheers, Phil