Forum

When i install Xbian, and enable SSH (to accept logins from other LAN computers), is the Xbian protected from unrestricted SSH brute-force or what are SSH failed login restrictions in place?

Is suggested to install fail2ban or something else?
https://web.emhmki.org/guides/ssh/guide_ssh_rate_limiting.html
https://lowendguide.com/3/security/rate-limiting-ssh-with-iptables/

When trying to install fail2ban, i have got:
full log

Thank you

Sorry for the late response

(15th Nov, 2023 09:51 PM)postcd Wrote: [ -> ]When i install Xbian, and enable SSH (to accept logins from other LAN computers), is the Xbian protected from unrestricted SSH brute-force or what are SSH failed login restrictions in place?

Is suggested to install fail2ban or something else?
https://web.emhmki.org/guides/ssh/guide_ssh_rate_limiting.html
https://lowendguide.com/3/security/rate-limiting-ssh-with-iptables/

When trying to install fail2ban, i have got:

Code:

Starting Authentication failure monitor: fail2ban2023-11-15 12:47:11,251 fail2ban                [8360]: ERROR   Failed during configuration: Have not found any log file for sshd jail
failed!
invoke-rc.d: initscript fail2ban, action "start" failed.
dpkg: error processing package fail2ban (--configure):
installed fail2ban package post-installation script subprocess returned error exit status 1
Processing triggers for man-db (2.9.4-2) ...
Errors were encountered while processing:
fail2ban
E: Sub-process /usr/bin/dpkg returned an error code (1)

full log

Thank you

No, they are not. you can also make life unnecessarily difficult for yourself
Only allow ssh by key instead of password is completely sufficient

No idea why the fail2ban doesn't start, maybe it's because the sshd is started by inetd by default

As long as the Raspberry Pi on which XBian is running is not directly accessible from the internet, it is completely nonsense to install something like fail2ban