It was all going great with my #Fail2Ban #SSH jails on two of my VPSs until I changed the port SSH listens on. F2B seems to only work when SSH port is 22. Anyone experienced this? I wasted enough hours debugging this that I've now removed F2B out of frustration.
#network #networking #security #server #firewall #ubuntu #linux
@c_ristina
Indeed. I made sure to update port in jail.local and even /etc/services, but with a port other than 22, things just don't seem to work, including logs in /var/log/auth.log.
I'm no expert so it's difficult to debug effectively. I suspect it's something to do with the way F2B talks to iptables.
@ITwrx
I use public key auth but also allow password auth for non-root user in case I need access and don't have access to my keys.
@c_ristina
@syntax I think you have to add a port config file somewhere for Fail2Ban if you want it on another port. Two questions, though. 1: why do you want to change your ssh port? 2: why use fail2ban? It is unnecessary unless you're authenticating through exclusively a password.
@ThreeBadgersInATrenchcoat
I started using it mostly for an additional layer of security although I already have UFW active. I allow password auth for a non-root user just in case I don't have access to my keys.
@syntax afaik this is service based, so you could have your config specific with diff port, even more than one
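
Added example, not part of any post in this thread: a small Python check that compares the ports sshd listens on with the ports an `[sshd]` jail in `jail.local` covers. The sample file contents and the `SERVICES` table are constructed, and it assumes a port-specific ban action and only `Port` directives (not `ListenAddress host:port`).

```python
import configparser
import re

# Constructed sample inputs (not taken from the thread).
SSHD_CONFIG = """\
# /etc/ssh/sshd_config (constructed sample)
Port 2222
PasswordAuthentication yes
"""

JAIL_LOCAL = """\
[sshd]
enabled = true
port = ssh
"""

SERVICES = {"ssh": 22}  # constructed stand-in for /etc/services lookups

def sshd_ports(text):
    """Ports from 'Port' directives; sshd defaults to 22 when none is set."""
    ports = {int(m.group(1)) for m in
             re.finditer(r"^\s*Port\s+(\d+)\s*$", text, re.I | re.M)}
    return ports or {22}

def jail_ports(text, jail="sshd", services=SERVICES):
    """Expand the jail's 'port' value: comma list, names, and lo:hi ranges."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    ports = set()
    for item in cp.get(jail, "port", fallback="ssh").split(","):
        item = item.strip()
        if ":" in item:
            lo, hi = (int(p) for p in item.split(":"))
            ports.update(range(lo, hi + 1))
        elif item.isdigit():
            ports.add(int(item))
        elif item:
            ports.add(services[item])  # service name, e.g. "ssh" -> 22
    return ports

def uncovered(sshd_text, jail_text):
    """Ports sshd listens on that the jail's port list does not include."""
    return sorted(sshd_ports(sshd_text) - jail_ports(jail_text))

if __name__ == "__main__":
    print("sshd ports not covered by the jail:", uncovered(SSHD_CONFIG, JAIL_LOCAL))
```
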