Created
August 17, 2017 04:23
-
-
Save liyang85/4dfd8109946515d16b2aa504c755ac91 to your computer and use it in GitHub Desktop.
Install Fail2ban to protect SSH on CentOS 6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # part 1: installation | |
| yum install epel-release | |
| yum install fail2ban | |
| # part 2: configure local settings | |
| # | |
| # You can find a file with default values called `/etc/fail2ban/jail.conf`. | |
| # Since this file may be overwritten by package upgrades, we shouldn't edit it in-place. | |
| # Instead, we'll write a new file called `/etc/fail2ban/jail.local`. | |
| # Any values defined in `jail.local` will override those in `jail.conf`. | |
| # https://www.digitalocean.com/community/tutorials/how-to-protect-ssh-with-fail2ban-on-centos-7 | |
| # | |
| # below settings are for fail2ban v0.9.6, older versions have DIFFERENT options | |
| vim /etc/fail2ban/jail.local | |
| [DEFAULT] | |
| bandtime = 3600 | |
| [sshd] | |
| enabled = true | |
| # part 3: start fail2ban-server | |
| service fail2ban start | |
| service fail2ban status | |
| fail2ban-client status sshd | |
| # part 4: start fail2ban service on boot | |
| chkconfig --list fail2ban | |
| # fail2ban has been set to start on boot by default, if not, then: | |
| chkconfig --add fail2ban |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment