Increasing fail2ban retries

Created by Jeremy Fischer
Dec 17, 2017
min read

fail2ban is installed on every launched instance at boot. The default number of login failures is set to three. If you want to change that, you can:

cd /etc/fail2ban
sudo nano jail.local

and look for this section.

[ssh-iptables]
enabled = true
filter = sshd
action = iptables[name=SSH, port=22, protocol=tcp]
sendmail-whois[name=SSH, dest=root@localhost, sender=Fail2Ban, sendername="Fail2Ban"]
logpath = /var/log/secure
maxretry = 3

---

Change the maxretry value and save the file.

sudo systemctl restart fail2ban

to restart the service with the new config.


To remove any banned IPs you can get the instructions from http://wiki.jetstream-cloud.org/Troubleshooting+-+FAQ

which are:

sudo iptables -L -n

Look for your IP number in that output, if it's there, proceed

sudo fail2ban-client status

Should show you fail2ban is working and your jail name(s):

[js-157-95] root ~-->fail2ban-client status
Status
|- Number of jail: 1
`- Jail list: ssh-iptables

sudo fail2ban-client set ssh-iptables unbanip YOUR_IP_NUMBER