Linux Tutorials for Beginners

How To Secure SSH with Fail2Ban on Debian 11

sammbysamm
October 29, 2023

Debian 11, the latest version of the renowned Linux distribution, is an excellent choice for hosting servers due to its robustness and reliability. However, even the most secure operating system requires diligent safeguarding. One of the fundamental steps in securing your server is protecting your SSH service. In this comprehensive guide, we’ll walk you through configuring Fail2Ban to protect and secure SSH on Debian 11.

Table of Contents

  • What is SSH and Why Secure It?
  • Prerequisites
  • Installing Fail2Ban
  • Secure SSH with Fail2Ban
    • SSH Configuration
    • Fail2Ban Configuration
    • Restart Services
  • Checking Fail2Ban Status
  • Customizing Fail2Ban Settings
  • Conclusion
  • To Sum It Up

What is SSH and Why Secure It?

Basically SSH (Secure Shell) is a protocol that allows you to access a remote server securely. It’s a fundamental tool for server administration, file transfers, and more. However, SSH can be a prime target for malicious actors trying to gain unauthorized access to your server.

By securing SSH, you ensure that only authorized users can connect to your server, reducing the risk of intrusion and potential data breaches. Fail2Ban is a robust and user-friendly tool that helps achieve this.

Prerequisites

Before we dive into securing SSH with Fail2Ban on Debian 11, make sure you have the following:

  • An active Debian 11 server and a regular user with sudo privileges. If you’re unsure about how to create a user with these privileges, feel free to check out our guide on Initial Setup Ubuntu Server 22.04: Secure and Efficient.
  • If you’d like to test the ban functionality intentionally, you may also want to have a second server ready to connect to your primary server.

Installing Fail2Ban

Before we dive into protecting SSH, we need to install Fail2Ban. Open your terminal and run the following command:

$ sudo apt update
$ sudo apt install fail2ban

This will install Fail2Ban on your Debian 11 server. After installation, Fail2ban automatically sets up a background service. Nonetheless, it remains deactivated by default due to the potential undesirable consequences of some default settings. You can confirm this status with the following systemctl command:

$ systemctl status fail2ban.service
● fail2ban.service - Fail2Ban Service
     Loaded: loaded (/lib/systemd/system/fail2ban.service; enabled; vendor preset: enabled
     Active: active (running) since Tue 2023-10-29 12:42:10 UTC; 17s ago
       Docs: man:fail2ban(1)
    Process: 1969 ExecStartPre=/bin/mkdir -p /run/fail2ban (code=exited, status=0/SUCCESS
   Main PID: 1970 (fail2ban-server)
      Tasks: 5 (limit: 1125)
     Memory: 15.8M
        CPU: 255ms
     CGroup: /system.slice/fail2ban.service
             └─1970 /usr/bin/python3 /usr/bin/fail2ban-server -xf start

You have the option to enable Fail2ban immediately; however, it’s a good idea to first explore some of its features.

Once the installation is complete, we can proceed with the configuration.

Secure SSH with Fail2Ban

SSH Configuration

Open the SSH configuration file by running:

$ sudo nano /etc/ssh/sshd_config

Find the following line and set the value to ‘no’:

PasswordAuthentication no

This ensures that password-based authentication is disabled, making your server more secure.

Fail2Ban Configuration

Now, let’s configure Fail2Ban to monitor SSH. Create a custom configuration file for SSH by running:

$ sudo nano /etc/fail2ban/jail.d/ssh.local

Add the following content to the file:

[sshd]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 3
bantime = 1800
ignoreip = 127.0.0.1/8

This configuration establishes a Fail2ban jail titled “[sshd]” designed to safeguard the SSH (Secure Shell) service. Let’s dissect each element:

  • enabled = true: This line affirms that the “[sshd]” jail is in an active state, signifying that it actively monitors and guards against unauthorized access attempts.
  • port = ssh: This indicates the specific port number, which is typically 22, where the SSH service operates. Fail2ban diligently watches this port for any suspicious activities.
  • filter = sshd: This points to the name of the filter that needs to be applied to supervise the SSH service. The filter rules articulate what events to scrutinize and how to identify potentially malicious behaviors.
  • logpath = /var/log/auth.log: This pinpoints the location of the log file, typically found at /var/log/auth.log, where authentication-related SSH events are documented. Fail2ban diligently scans this log file for signs of unauthorized access attempts.
  • maxretry = 3: This establishes the threshold for the maximum number of allowable failed login attempts before Fail2ban takes responsive action. If there are three or more consecutive failed attempts originating from the same IP address, Fail2ban will intervene.
  • bantime = 1800: This dictates the duration, measured in seconds, for which an IP address remains banned once it surpasses the maximum threshold for failed attempts. In this case, the ban endures for 1800 seconds, which equates to 30 minutes.
  • ignoreip = 127.0.0.1/8: Any attempts originating from these listed IP addresses will not be counted towards the maximum retry count. Notably, localhost (127.0.0.1) is included in this list. This configuration is crucial as it prevents you from accidentally locking yourself out of your own Fail2ban server.
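
How the jail settings above interact, as an added example that is not part of the original tutorial or Fail2Ban's own code: it replays constructed auth.log lines through a simplified stand-in for the sshd filter. The 600-second findtime is an assumption (Fail2Ban's shipped default, not set on this page), and the regex, sample lines and function name are illustrative.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Values from the [sshd] jail on this page.
MAXRETRY = 3
BANTIME = timedelta(seconds=1800)
IGNOREIP = [ipaddress.ip_network("127.0.0.1/8", strict=False)]
# Assumption: findtime is not set on the page; 600 s is fail2ban's shipped default.
FINDTIME = timedelta(seconds=600)

# Simplified stand-in for the sshd filter: matches one failure line type only.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<ip>\S+) port \d+"
)

# Constructed auth.log lines (documentation address ranges), not real logs.
SAMPLE_LOG = """\
Oct 29 12:00:00 deb11 sshd[2001]: Failed password for root from 198.51.100.7 port 50100 ssh2
Oct 29 12:05:00 deb11 sshd[2002]: Failed password for root from 198.51.100.7 port 50101 ssh2
Oct 29 12:11:00 deb11 sshd[2003]: Failed password for root from 198.51.100.7 port 50102 ssh2
Oct 29 12:20:01 deb11 sshd[2010]: Failed password for sam from 127.0.0.1 port 41000 ssh2
Oct 29 12:20:02 deb11 sshd[2010]: Failed password for sam from 127.0.0.1 port 41000 ssh2
Oct 29 12:20:03 deb11 sshd[2010]: Failed password for sam from 127.0.0.1 port 41000 ssh2
Oct 29 12:40:01 deb11 sshd[2101]: Failed password for root from 203.0.113.5 port 40022 ssh2
Oct 29 12:40:04 deb11 sshd[2101]: Failed password for root from 203.0.113.5 port 40022 ssh2
Oct 29 12:40:09 deb11 sshd[2103]: Failed password for invalid user admin from 203.0.113.5 port 40030 ssh2
"""

def simulate(log_text, year=2023):
    """Return {ip: (ban_start, ban_end)} under the jail settings above."""
    recent = defaultdict(deque)  # ip -> failure times still inside findtime
    bans = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # hostname instead of an address; skipped in this sketch
        if any(ip in net for net in IGNOREIP):
            continue  # ignoreip: never counted towards maxretry
        now = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        window = recent[m["ip"]]
        window.append(now)
        while now - window[0] > FINDTIME:
            window.popleft()  # failures older than findtime no longer count
        if len(window) >= MAXRETRY:
            bans[m["ip"]] = (now, now + BANTIME)
            window.clear()
    return bans
```

Calling simulate(SAMPLE_LOG) bans only 203.0.113.5, from 12:40:09 to 13:10:09: 127.0.0.1 is covered by ignoreip, and 198.51.100.7 never has three failures inside one findtime window.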

Restart Services

Now, restart both the SSH and Fail2Ban services:

$ sudo systemctl restart ssh
$ sudo systemctl restart fail2ban

Fail2Ban is now configured to protect your SSH service. If an IP address exceeds the maximum login attempts, it will be temporarily banned.

Checking Fail2Ban Status

To check the status of Fail2Ban and monitor banned IP addresses, run the following command:

$ sudo fail2ban-client status sshd

You will see a list of banned IP addresses and their corresponding jails.

Customizing Fail2Ban Settings

If you wish to customize Fail2Ban’s settings, you can edit the /etc/fail2ban/jail.local file. This file allows you to change parameters like the number of allowed retries and the ban duration.

Conclusion

By following this straightforward guide, you’ve learned how to secure SSH with Fail2Ban on Debian 11. Your server is now better protected against unauthorized access, reducing the risk of security breaches.

Remember that server security is an ongoing process. Regularly updating your server and monitoring your logs is essential to maintaining a secure environment. Keep your Debian 11 server and SSH access safe with the power of Fail2Ban.

To Sum It Up

  • Debian 11 is a stable choice for hosting servers.
  • SSH is a secure protocol for remote server access.
  • Fail2Ban is an essential tool for protecting SSH from unauthorized access.
  • The installation and configuration of Fail2Ban are straightforward.
  • Regularly monitor your server to maintain a secure environment.

Finally, now that you have learned how to protect and secure SSH with Fail2Ban, you can bolster your server’s security and keep your data safe on Debian 11.


© 2023 sammlinux - Learn Today for Lead Tomorrow.
