Server - Fail2Ban 
19 Sep 25
Server was unresponsive
$sudo journalctl -u ssh -n 50
revealed it had come under Brute Force Attack
Shut off power overnight
$sudo nano /etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
🚨 Test in a new terminal before closing your current session to make sure you can still log in.
$sudo systemctl restart ssh
Installed Fail2Ban (/etc/fail2ban)
created /etc/fail2ban/jail.local which overrides defaults in /etc/fail2ban/jail.conf defaults to set stricter params:
If someone fails 5 times in 10 minutes, they’re banned for 1 hour.
Next time they try and get banned → it doubles to 2 hours, then 4 hours, etc.
After a few repeats → they get permanently banned.
$sudo journalctl -u ssh -n 50
revealed it had come under Brute Force Attack
Shut off power overnight
$sudo nano /etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
🚨 Test in a new terminal before closing your current session to make sure you can still log in.
$sudo systemctl restart ssh
Installed Fail2Ban (/etc/fail2ban)
created /etc/fail2ban/jail.local which overrides defaults in /etc/fail2ban/jail.conf defaults to set stricter params:
If someone fails 5 times in 10 minutes, they’re banned for 1 hour.
Next time they try and get banned → it doubles to 2 hours, then 4 hours, etc.
After a few repeats → they get permanently banned.
