|
|
|
|
|
|
by kbar13
4544 days ago
|
|
|
I would like to take this opportunity to air my grievances regarding fail2ban. I'm not a security researcher, but fail2ban appears to be a log prettifier instead of an actual security apparatus, as it doesn't actually prevent anyone from logging into your box. Unless you've configured fail2ban to ban IPs after 1 failed attempt, if you don't have a secure password or any other such basic security measures, you are still at risk of getting pwned. Instead of taking the time with fail2ban, I personally just make sure everyone uses passphrased ssh keys, or use a strong password in conjunction with a yubikey or 2 factor authentication and call it a day. |
|
|