Enable Fail2ban for SSH jail is quite straightforward on PVE 8.3. However, there are many articles on other websites that are outdated.
To install Fail2ban, login to the PVE web interface, then locate to the Shell under the PVE host:
apt update
apt install fail2ban
Then use nano to create the Fail2ban rule:
nano /etc/fail2ban/jail.local
Paste the following:
[sshd]
enabled = true
port = ssh
filter = sshd
logpath = journal
backend = systemd
maxretry = 2
banaction = iptables-allports
bantime = 3600
Restart the Fail2ban service, then check if it’s up and running:
service fail2ban restart
/etc/init.d/fail2ban status
fail2ban-client status sshd
You should now have Fail2ban up and running.
02/02/2025
Enable Fail2ban on PVE 8.3.2
By dch1 in Just Notes No Comments
Enable Fail2ban for SSH jail is quite straightforward on PVE 8.3. However, there are many articles on other websites that are outdated.
To install Fail2ban, login to the PVE web interface, then locate to the Shell under the PVE host:
Then use nano to create the Fail2ban rule:
Paste the following:
Restart the Fail2ban service, then check if it’s up and running:
You should now have Fail2ban up and running.