Fail2ban is a very good tool for hardening Linux against brute-force attacks. It works by monitoring logs and creating iptables rules once its filter rules are triggered.
The following guide is for Ubuntu/Debian, whose repos already provide the required packages. For CentOS/RHEL, the epel-release repo must be installed first.
Update the packages and install fail2ban:
apt update && apt -y dist-upgrade && apt -y install fail2ban
Create a jail configuration file:
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
SSH might be included by default but just to make sure, it will be enabled manually.
Include SSH in the newly created jail:
Scroll down to sshd and you should see the following config:
Change…