Hi there, I really can't find enough words to express my gratitude to you all guys. :)
I think I am finally putting this to work. All your suggestions and help made me understand, I think, how that works. I've done the following: 1) Once, for what I understood, jail.local always overrides jail.conf, I left all jails disabled (false) on jail.local. After that, I've renamed jail.conf to jail.conf.unused, as Lee suggested. 2) Now I created a sshd.conf file in /etc/fail2ban/jail.d and put there only the content regarding the sshd jail that was in my jail.local, enabling this jail. 3) Finally I tried to start Fail2Ban and it worked! Thank you! Well, I noticed (maybe I am wrong, of course) that I need to use both `sudo fail2ban-client start` and `sudo systemctl start fail2ban` to make it start and be enabled. Is that right? But I rebooted the server and systemctl status shows me that Fail2Ban is still active. Another question, if possible: now I have only sshd jail active, as per the above procedures. Is there a way to check if it is really running? Thanks again. Em qui., 9 de fev. de 2023 às 12:13, Mauricio Tavares <raubvo...@gmail.com> escreveu: > On Thu, Feb 9, 2023 at 10:11 AM L. V. Lammert <l...@omnitec.net> wrote: > > > > On Thu, 9 Feb 2023, Mauricio Tavares wrote: > > > > > My suggestion is to find which services you are using and then > > > where they are writing their logs to. Take a look at jail.conf (I > > > forgot to mention that file). Chances are there are entries for most > > > of the services there. Case in point, the ssh services, including > > > selinux-ssh, it knows of are > > > > > It appears that the fail2ban package for Ubuntu 20 is NOT very current. > > Much simpler to manage if all of the jails are in separate files in > > jail.d, .. not in a mile long jail.conf. > > > > Also, always confirm the installation of ONLY ssh, until you know what > you > > need to monitor. > > > FYI > > raub@some-debian-box:~$ cat /etc/fail2ban/jail.d/defaults-debian.conf > [sshd] > enabled = true > raub@some-debian-box:~$ > > > Lee >
_______________________________________________ Fail2ban-users mailing list Fail2ban-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/fail2ban-users
