If you're looking for an SSH jail I think the Arch docs are going to be relevant, as it looks like it's configured much differently with systemd.
Oooh, good point. I'm not even sure if I should be using this with cert only based auth
It does usually not make sense to use fail2ban with e.g sshd when only public key authentication or similar is enabled.
I think you can deal with this by installing either rsyslog
or syslog-ng
and iptables
. They all should be in the repos. Once you’ve go those set up it should supersede the equivalent systemd
utilities.
Thank you, I might give this a try tomorrow. I thought I read something similar, but that it would require you to take care of log rotation as well otherwise they would just grow. Not sure how true that is.
There’s a utility called logrotate
that should take care of the log rotation for you.
Good luck getting it all set up.
this post was submitted on 20 Feb 2024
12 points (92.9% liked)
homelab
6460 readers
4 users here now
founded 4 years ago
MODERATORS