[NavinF]

Well that and sane people just disable password auth. fail2ban is a 90s sysadmin solution to a nonexistent problem.

[seized]

Fail2Ban can do more than SSH. Any log that can be parsed and has a useful remote IP can work.

I have it scanning my Ubiquiti NVR logs, I modified Tomcat to log the remote IP from my reverse proxy. If anyone tries to log into my NVR three times then Fail2Ban adds the IP to a permanent blocklist on my OpnSense firewall and then HAProxy kills the TCP connection. They can't even ping after that.

[nousermane]

IP reputation is a problem wider then just SSH password brute-forcing - see HTTP(S) brute-force example elsewhere in this thread.