1.安装默认文件
2.安全配置,SSH
参考
https://wiki.alpinelinux.org/wiki/Fail2ban
Install
This will install fail2ban package. It includes iptables package (see also Configure_Networking#Firewalling_with_iptables_and_ip6tables)
apk add fail2banEnable the fail2ban service so that it starts at boot:
这里可以在重启后再执行,以防止 fail2ban 启动后就把自己的IP禁止了~~
rc-update add fail2banStart the fail2ban service immediately and create configuration files:
rc-service fail2ban startList services to verify fail2ban is enabled:
rc-statusConfiguration
- Configuration files are located at /etc/fail2ba
查询登录失败的信息
grep 'Failed password' /var/log/messages
查看被禁止登录的IP
fail2ban-client status sshd
# 1. 统计失败登录次数最多的 IP
lastb | awk '{print $3}' | sort | uniq -c | sort -nr | head -10# 查看systemd ssh 日志
journalctl -u ssh -f# debian 主机部分
# 方法1:停止所有用户切片(推荐,温和清理)
systemctl stop user.slice --user=all # 停止所有用户的切片
systemctl stop 'user-*.slice' # 停止所有用户ID对应的切片# 如何提示
# tail -f /var/log/auth.log
# 如果不存在
#
apt install rsyslog
apt install fail2ban
systemctl start fail2ban
systemctl status fail2ban -l