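###### Install the Fail2ban SSH protection service
# Create the jail configuration directory (mounted into the container as /data).
mkdir -p /docker/fail2ban/jail.d
# Write the jail configuration first.
# '>' rather than '>>': re-running these steps must replace the file, not
# append a second [DEFAULT]/[sshd] copy to an existing one.
# Notes on the values written below:
#   - ignoreip lists loopback only; add the address/CIDR you administer the
#     host from so a run of failed logins cannot lock you out.
#   - The [sshd] values override [DEFAULT], so the effective SSH policy is
#     10 failures within 3600 s -> 43200 s ban.
#   - port=ssh is the well-known SSH port; if sshd listens elsewhere, the
#     action's port must name that port or the ban will not cover it.
#   - logpath requires the host's sshd to log to /var/log/auth.log; on a host
#     that logs only to the systemd journal that file is absent.
# The quoted 'EOF' delimiter keeps the shell from expanding anything in the body.
cat > /docker/fail2ban/jail.d/sshd.local <<'EOF'
[DEFAULT]
#指定哪些地址可以忽略 fail2ban 防御
ignoreip = 127.0.0.1/8
bantime = 86400
maxretry = 10
findtime = 1800
[sshd]
enabled = true
filter = sshd
action = iptables[name=SSH, port=ssh, protocol=tcp]
logpath = /var/log/auth.log
#输入最大尝试次数
maxretry = 10
#查找失败次数的时长(秒)
findtime = 3600
#输入阻止IP的持续时间(秒)
bantime = 43200
EOF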
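# Start Fail2ban as a background service container.
#   -d                  detached: with -it the container stays attached to the
#                       terminal, nothing after this command runs until it
#                       exits, and it cannot be started without a TTY.
#   --network host,     the container edits the HOST's iptables rules; these
#   NET_ADMIN/NET_RAW   are the only capabilities added for that (no --privileged).
#   /var/log ... :ro    host logs are readable by the container but not writable.
#   /docker/fail2ban    jail.d configuration and Fail2ban state, mounted as /data.
# NOTE(review): ':latest' is a moving tag, so the image that runs with
# NET_ADMIN on the host network can change on every pull; pin a reviewed
# tag or digest (crazymax/fail2ban:<reviewed-tag>) for reproducible deployments.
docker run -d \
  --name Fail2ban \
  --restart unless-stopped \
  --network host \
  -e TZ=Asia/Shanghai \
  --cap-add NET_ADMIN \
  --cap-add NET_RAW \
  -v /docker/fail2ban:/data \
  -v /var/log:/var/log:ro \
  crazymax/fail2ban:latest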
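# Day-to-day management commands. None of them is interactive, so no -t/-i is
# passed: 'docker exec -ti' refuses to run when stdin is not a terminal
# (cron, CI, a non-interactive ssh command).

# Show the sshd jail status (current failures and banned addresses).
docker exec Fail2ban fail2ban-client status sshd
# List the iptables rules as seen from inside the container
# (the container is started with --network host).
docker exec Fail2ban iptables -nvL
# Ban an address manually (10.0.0.253 is an example value).
docker exec Fail2ban fail2ban-client set sshd banip 10.0.0.253
# Remove a ban manually (10.0.0.55 is an example value).
docker exec Fail2ban fail2ban-client set sshd unbanip 10.0.0.55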
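# E-mail notification (optional).
# The lines below are NOT a command on their own: they are extra options to
# insert into the 'docker run' command, before the image name. They are kept
# commented out so that pasting this file does not try to execute '-e'.
#
#   -e SSMTP_HOST=smtp.gmail.com \
#   -e SSMTP_PORT=587 \
#   -e SSMTP_HOSTNAME=raspberrypi \
#   -e SSMTP_USER=<smtp-account-address> \
#   -e SSMTP_PASSWORD=XXXXXXXX \
#   -e SSMTP_TLS=YES \
#   -e SSMTP_STARTTLS=YES \
#
# NOTE(review): the account line was replaced by the page's e-mail obfuscation
# ("[email protected]"); it is presumably the SSMTP_USER setting, shown here
# with a placeholder value. Confirm against the image documentation.
# NOTE(review): a password passed with -e lands in the shell history and in
# the process arguments; supplying it through 'docker run --env-file <file>'
# with a file readable only by root avoids both. It is still visible in
# 'docker inspect', so use a dedicated app password, not the account password.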