I’ve used fail2ban in the past on Ubuntu, and it was very easy to setup.

Apparently on Debian, there is no /var/log/auth.log, and it does not use iptables, so fail2ban is not seeing the failed login attempts and jailing the purp.

Has anyone set this up successfully before? I see suggestions online to set backend = systemd, but this does not seem to be fixing the issue for me.

  • tvcvt
    link
    fedilink
    arrow-up
    2
    ·
    4 months ago

    There’s a utility called logrotate that should take care of the log rotation for you.

    Good luck getting it all set up.