[-] lack_of_reserves@alien.top 1 points 11 months ago

I have an open ssh port and I use key auth with password as well as crowdsec. Even if people get my ssh key they would still need to know the password.

[-] lack_of_reserves@alien.top 1 points 11 months ago

The majority of the default fail2ban installations only bans an IP for 10 minutes and uses a 10 minute findtime, e.g. slow brute forcing is not at all banned.

Before I switched to crowdsec (which I really recommend you do, its quite easy) I changed my bantime and findtime in /etc/fail2ban/jail.conf (I think I made a local file... read the file it should say) to something like 8 hours (e.g. change 10m to 640m for both those variables).

[-] lack_of_reserves@alien.top 1 points 11 months ago

Remember to configure fail2ban, the defaults are silly.

Also, these days I prefer crowdsec to fail2ban.

lack_of_reserves

joined 1 year ago