ubuntu:fail2ban:test_fail2ban
Table of Contents
Ubuntu - Fail2Ban - Test Fail2Ban
Log into another machine and attempt an SSH login to the server housing fail2ban.
- Make sure to type the password incorrectly 3 times.
NOTE: After the third attempt, SSH will lock you out, and you must use the CTRL + C key combination to return you to the prompt.
- If another attempt is made to SSH login, a Connection refused error should be noticed.
Check that there is a banned IP
sudo fail2ban-client status sshd
returns:
Status for the jail: sshd |- Filter | |- Currently failed: 0 | |- Total failed: 3 | `- File list: /var/log/auth.log `- Actions |- Currently banned: 1 |- Total banned: 1 `- Banned IP list: 192.168.1.40
NOTE: This shows that IP Address, 192.168.1.40, is banned.
To unban an IP address
To unban IP address 192.168.1.40:
sudo fail2ban-client set sshd unbanip 192.168.1.40
NOTE: This should see the number one printed out, because that is how many IP addresses were just unbanned.
To manually ban an IP
sudo fail2ban-client set sshd banip 192.168.1.40
IMPORTANT: After testing, remember to unban the IP address that was used.
ubuntu/fail2ban/test_fail2ban.txt · Last modified: 2022/06/30 20:48 by 45.89.242.235