Setting up fail2ban on Debian 12
Setting up fail2ban on Debian 12
I've used fail2ban in the past on Ubuntu, and it was very easy to setup.
Apparently on Debian, there is no /var/log/auth.log, and it does not use iptables, so fail2ban is not seeing the failed login attempts and jailing the purp.
Has anyone set this up successfully before? I see suggestions online to set backend = systemd, but this does not seem to be fixing the issue for me.
I think you can deal with this by installing either
rsyslogorsyslog-ngandiptables. They all should be in the repos. Once you’ve go those set up it should supersede the equivalentsystemdutilities.Thank you, I might give this a try tomorrow. I thought I read something similar, but that it would require you to take care of log rotation as well otherwise they would just grow. Not sure how true that is.
There’s a utility called
logrotatethat should take care of the log rotation for you.Good luck getting it all set up.