It was all going great with my jails on two of my VPSs until I changed the port SSH listens on. F2B seems to only work when SSH port is 22. Anyone experienced this? I wasted enough hours debugging this that I've now removed F2B out of frustration.

@syntax afaik this is service based, so you could have your config specific with diff port, even more then one

Indeed. I made sure to update port in jail.local and even /etc/services, but with a port other than 22, things just don't seem to work, including logs in /var/log/auth.log.

I'm no expert so it's difficult to debug effectively. I suspect it's something to do with the way F2B talks to iptables.

@syntax @c_ristina why do you need f2b? are you using password auth or something?

I use public key auth but also allow password auth for non-root user in case I need access and don't have access to my keys.

@syntax @c_ristina well, if it were me i would ditch password auth and f2b with it.

@syntax I think you have to add a port config file somewhere for Fail2Ban I'd you want it on another port. Two questions, though. 1: why do you want to change your ssh port? 2: why use fail2ban? It is unnecessary unless you're authenticating through exclusively a password.

I started using it mostly for additional layer of security although I already have UFW active. I allow password auth for a non-root user just in case I don't have access to my keys.

Sign in to participate in the conversation
Mastodon 🔐

Fast, secure and up-to-date instance. PrivacyTools provides knowledge and tools to protect your privacy against global mass surveillance.

Matrix Chat:
Support us on OpenCollective, many contributions are tax deductible!