因為 raspberry pi 的 ssh port 開在預設的 22 port ,要連出的地方又有防水牆只能從 22 port 到 ssh
所以安裝了 fail2ban ,當重試多次錯誤就ban掉該ip
sudo apt-get install fail2ban
fail2ban - ban hosts that cause multiple authentication errors
關於 ssh ban的設定如下
$ vim /etc/fail2ban/jail.conf
#
# in /etc/fail2ban/jail.local.
#
# Optionally you may override any other parameter (e.g. banaction,
# action, port, logpath, etc) in that section within jail.local
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
maxretry = 6
沒有留言:
張貼留言