Ubuntu - Fail2Ban - Override the default configuration settings for the sshd service

sshd is the only service monitored by fail2ban by default.

Edit that /etc/fail2ban/jail.d/defaults-debian.conf file, and add configuration changes into the section of the sshd service.

/etc/fail2ban/jail.d/defaults-debian.conf

[DEFAULT]
banaction = nftables
banaction_allports = nftables[type=allports]
backend = systemd
 
[sshd]
enabled = true
 
# The following lines override the default values for the sshd service
bantime = 600
findtime = 3m
maxretry = 5
action = %(action_mw)s

NOTE: Various entries have been added into the [sshd] section to override the default values.

Enable the new changes

Reload fail2ban to enable the changes.

sudo systemctl reload fail2ban