I’ve used fail2ban
in the past on Ubuntu, and it was very easy to setup.
Apparently on Debian, there is no /var/log/auth.log
, and it does not use iptables, so fail2ban
is not seeing the failed login attempts and jailing the purp.
Has anyone set this up successfully before? I see suggestions online to set backend = systemd
, but this does not seem to be fixing the issue for me.
Thank you, I might give this a try tomorrow. I thought I read something similar, but that it would require you to take care of log rotation as well otherwise they would just grow. Not sure how true that is.
There’s a utility called
logrotate
that should take care of the log rotation for you.Good luck getting it all set up.