Jack Wallen shows you how to install and configure fail2ban on the latest release of Fedora Linux.
Since IBM/Red Hat has decided to ring the death knell for the CentOS we know and love, many of you might be considering making the switch to Fedora or Fedora Server. Because of that, you might want to know how to get a crucial system like fail2ban installed and running.
For those that might not know, fail2ban is one of the most popular open source tools for the banning of unwanted logins on a Linux system. Fail2ban monitors specific log files for failed login attempts and, when an attempt to compromise is detected, it blocks the IP address from further attack or attempted logins.
This tool should be considered a must-have for anyone who administers a Linux server or even desktop.
I want to walk you through the process of installing and configuring fail2ban on the latest release of Fedora.
Fail2ban configurations are contained within jail files, which are housed in /etc/fail2ban. We’re going to create a new jail.local file that will watch for SSH login attempts. Create this new file with the command:
sudo nano /etc/fail2ban/jail.local
If the nano editor isn’t installed, do so with the command:
sudo dnf install nano -y
In the new jail.local file, add the following contents:
With the new jail configuration in place, restart fail2ban with the command:
sudo systemctl restart fail2ban
How to test fail2ban
The easiest way to test fail2ban is to attempt to log in using SSH from another machine on your network. Type the password incorrectly three times. Once your third attempt fails, the IP address of the machine you’re testing from will be banned. Attempt to Secure Shell into the Fedora machine again and you’ll immediately be denied.
Once you’ve successfully tested the system, you can unban the test IP address with the command:
sudo fail2ban-client set sshd unbanip IP
Where IP is the IP address of the machine you want to unban.
And that’s all there is to installing and configuring fail2ban on Fedora 33. You should consider this a must-use tool to ensure the security of your Linux systems.