Skip to main content
Unix & Linux

Return to Answer

Add [DEFAULT] section to fix startup error
Source Link
edit approved Dec 26, 2023 at 13:00
Mathias Brodala
edit approved Dec 26, 2023 at 13:00
Mathias Brodala
  • 105
  • 4

For systemd systems:

You have to specify the backend in /etc/fail2ban/jail.conf to use systemd as follows:

[DEFAULT]
backend = systemd

Then restart fail2ban:

systemctl restart fail2ban

Edit:

I'm a heavy CentOS/RHEL/Fedora guy so you may have to adapt what I say a bit. As far as this answer, you may have to update the fail2ban package to a version that supports systemd as a backend or you'll have to install rsyslog and add the following to your /etc/rsyslog.conf:

authpriv.*      /var/log/auth.log

This will make sure sshd auth logs are logging to /var/log/auth.log which will be read by the default pyinotify backend in fail2ban:

For systemd systems:

You have to specify the backend in /etc/fail2ban/jail.conf to use systemd as follows:

backend = systemd

Then restart fail2ban:

systemctl restart fail2ban

Edit:

I'm a heavy CentOS/RHEL/Fedora guy so you may have to adapt what I say a bit. As far as this answer, you may have to update the fail2ban package to a version that supports systemd as a backend or you'll have to install rsyslog and add the following to your /etc/rsyslog.conf:

authpriv.*      /var/log/auth.log

This will make sure sshd auth logs are logging to /var/log/auth.log which will be read by the default pyinotify backend in fail2ban:

For systemd systems:

You have to specify the backend in /etc/fail2ban/jail.conf to use systemd as follows:

[DEFAULT]
backend = systemd

Then restart fail2ban:

systemctl restart fail2ban

Edit:

I'm a heavy CentOS/RHEL/Fedora guy so you may have to adapt what I say a bit. As far as this answer, you may have to update the fail2ban package to a version that supports systemd as a backend or you'll have to install rsyslog and add the following to your /etc/rsyslog.conf:

authpriv.*      /var/log/auth.log

This will make sure sshd auth logs are logging to /var/log/auth.log which will be read by the default pyinotify backend in fail2ban:

added 529 characters in body
Source Link
user136881
user136881

For systemd systems:

You have to specify the backend in /etc/fail2ban/jail.conf to use systemd as follows:

backend = systemd

Then restart fail2ban:

systemctl restart fail2ban

Edit:

I'm a heavy CentOS/RHEL/Fedora guy so you may have to adapt what I say a bit. As far as this answer, you may have to update the fail2ban package to a version that supports systemd as a backend or you'll have to install rsyslog and add the following to your /etc/rsyslog.conf:

authpriv.*      /var/log/auth.log

This will make sure sshd auth logs are logging to /var/log/auth.log which will be read by the default pyinotify backend in fail2ban:

You have to specify the backend in /etc/fail2ban/jail.conf to use systemd as follows:

backend = systemd

Then restart fail2ban:

systemctl restart fail2ban

For systemd systems:

You have to specify the backend in /etc/fail2ban/jail.conf to use systemd as follows:

backend = systemd

Then restart fail2ban:

systemctl restart fail2ban

Edit:

I'm a heavy CentOS/RHEL/Fedora guy so you may have to adapt what I say a bit. As far as this answer, you may have to update the fail2ban package to a version that supports systemd as a backend or you'll have to install rsyslog and add the following to your /etc/rsyslog.conf:

authpriv.*      /var/log/auth.log

This will make sure sshd auth logs are logging to /var/log/auth.log which will be read by the default pyinotify backend in fail2ban:

edited body
Source Link
heemayl
heemayl
  • 58.1k
  • 9
  • 129
  • 144

You have to specify the backend in /etc/fail2ban/jail.conf/etc/fail2ban/jail.conf to use systemdsystemd as follows:

backend = systemd

Then restart fail2ban:

systemctl restart fail2ban

You have to specify the backend in /etc/fail2ban/jail.conf to use systemd as follows:

backend = systemd

Then restart fail2ban:

systemctl restart fail2ban

You have to specify the backend in /etc/fail2ban/jail.conf to use systemd as follows:

backend = systemd

Then restart fail2ban:

systemctl restart fail2ban
Source Link
user136881
user136881