fail2ban Fedora 22

**This doesn't set up any email notifications.

**My own server setup, customization and settings

Install

sudo dnf install fail2ban ipset

Files and Modifications

/etc/fail2ban/fail2ban.conf

dbpurgeage = 1209600

/etc/fail2ban/jail.conf

# "bantime" is the number of seconds that a host is banned.
#banned one week
bantime  = 604800

# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
#if they tried in the last ~24 hours (88800 s is 24 h 40 min)
findtime  = 88800

# "maxretry" is the number of failures before a host gets banned.
#three failures, basically one login chance!
maxretry = 3

/etc/fail2ban/jail.d/local.conf

[DEFAULT]
#one week; be sure to set dbpurgeage in fail2ban.conf to match (it should not be shorter than bantime)
bantime = 604800
banaction = firewallcmd-ipset
backend = systemd
action = %(action_)s

[sshd]
enabled = true

Then restart the fail2ban service and check that it is running.
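A consistency check for the settings above, as an added example that is not part of the original article: it merges the jail files in the order fail2ban reads them and flags an enabled jail whose bantime outlasts dbpurgeage. The file contents are constructed copies of the values on this page, the function names are hypothetical, and it assumes plain integer seconds with the options under `[Definition]` and `[DEFAULT]`.

```python
import configparser

# Constructed copies of the three files on this page; the section headers
# ([Definition], [DEFAULT]) are assumed, the page shows only the options.
FAIL2BAN_CONF = "[Definition]\ndbpurgeage = 1209600\n"
JAIL_CONF = "[DEFAULT]\nbantime = 604800\nfindtime = 88800\nmaxretry = 3\n"
JAIL_LOCAL = """[DEFAULT]
bantime = 604800
banaction = firewallcmd-ipset
backend = systemd
action = %(action_)s

[sshd]
enabled = true
"""

def human(seconds):
    """Render seconds as days/hours/minutes so comment-vs-value drift is visible."""
    days, rest = divmod(int(seconds), 86400)
    hours, rest = divmod(rest, 3600)
    return f"{days}d {hours}h {rest // 60}m"

def audit(fail2ban_text, *jail_texts):
    """Return {jail: settings} for enabled jails; later jail files override earlier ones."""
    main = configparser.ConfigParser(interpolation=None)
    main.read_string(fail2ban_text)
    purge = main.getint("Definition", "dbpurgeage")
    jails = configparser.ConfigParser(interpolation=None)  # keep %(action_)s literal
    for text in jail_texts:
        jails.read_string(text)
    report = {}
    for name in jails.sections():  # [DEFAULT] values are inherited by every jail
        if not jails.getboolean(name, "enabled", fallback=False):
            continue
        ban = jails.getint(name, "bantime")
        warnings = []
        if purge < ban:  # ban record could be purged from the database before it expires
            warnings.append(f"dbpurgeage {human(purge)} is shorter than bantime {human(ban)}")
        report[name] = {"bantime": ban, "findtime": jails.getint(name, "findtime"),
                        "maxretry": jails.getint(name, "maxretry"), "warnings": warnings}
    return report

if __name__ == "__main__":
    for jail, r in audit(FAIL2BAN_CONF, JAIL_CONF, JAIL_LOCAL).items():
        print(jail, {k: human(v) if k.endswith("time") else v for k, v in r.items()})
```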

Tools

How to see the status of the SSH jail:

fail2ban-client status sshd

How to unban an IP:

fail2ban-client set sshd unbanip 8.8.8.8