Bug#1037437: From fresh bookworm install default sshd jail in fail2ban won’t work
i wonder if a missing python3-systemd is the only reason for this bug: fail2ban + sshd works fine with backend=auto for me, and i have recommends installed. So rather than changing the default 'backend', debian should just promote python3-systemd to 'depends'. On Fri, 21 Jul 2023, 07:03 Jeremy Davis, wrote: > As a follow up (in case anyone hits the same issue as me): > > After setting 'backend = systemd' fail2ban refused to start!? > > It turns out that when using 'backend = systemd', python3-systemd is a > hard requirement. It is a recommended package for fail2ban but I have > recommends disabled by default, so had to manually install it. >
Bug#1037437: From fresh bookworm install default sshd jail in fail2ban won’t work
As a follow up (in case anyone hits the same issue as me): After setting 'backend = systemd' fail2ban refused to start!? It turns out that when using 'backend = systemd', python3-systemd is a hard requirement. It is a recommended package for fail2ban but I have recommends disabled by default, so had to manually install it. OpenPGP_signature Description: OpenPGP digital signature
Bug#1037437: From fresh bookworm install default sshd jail in fail2ban won’t work
Thank you José, I really appreciate you taking the time to confirm. Hope you have a great day! :) Regards, Jeremy On 14/7/23 08:45, José Miguel Gonçalves wrote: Hi Jeremy, On 13/07/23 23:01, Jeremy Davis wrote: Can you confirm that the current default bookworm fail2ban config/regex works with sshd with just this change (to 'backend' in /etc/fail2ban/jail.conf)? Or are further adjustments required? Yes, I can confirm that fail2ban sshd jail works fine using the default config and just changing the 'backend' to 'systemd'. Best regards, José Gonçalves OpenPGP_signature Description: OpenPGP digital signature
Bug#1037437: From fresh bookworm install default sshd jail in fail2ban won’t work
Hi Jeremy, On 13/07/23 23:01, Jeremy Davis wrote: Can you confirm that the current default bookworm fail2ban config/regex works with sshd with just this change (to 'backend' in /etc/fail2ban/jail.conf)? Or are further adjustments required? Yes, I can confirm that fail2ban sshd jail works fine using the default config and just changing the 'backend' to 'systemd'. Best regards, José Gonçalves
Bug#1037437: From fresh bookworm install default sshd jail in fail2ban won’t work
FWIW it appears that this bug is essentially a duplicate of #770171: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770171 On 7/7/23 19:04, José Miguel Gonçalves wrote: As Debian opted by systemd journal as the default logging mechanism for bookworm, maybe a better option would be to change the default configuration in '/etc/fail2ban/jail.conf' to select journal as the logging source, i.e., instead of setting 'backend = auto', set 'backend = systemd'. That seems like a sensible suggestion to me. Can you confirm that the current default bookworm fail2ban config/regex works with sshd with just this change (to 'backend' in /etc/fail2ban/jail.conf)? Or are further adjustments required? Regards, Jeremy OpenPGP_signature Description: OpenPGP digital signature
Bug#1037437: From fresh bookworm install default sshd jail in fail2ban won’t work
Hi, As Debian opted by systemd journal as the default logging mechanism for bookworm, maybe a better option would be to change the default configuration in '/etc/fail2ban/jail.conf' to select journal as the logging source, i.e., instead of setting 'backend = auto', set 'backend = systemd'. Best regards, José Gonçalves
Bug#1037437: From fresh bookworm install default sshd jail in fail2ban won’t work without rsyslog installed
Package: fail2ban Version: 1.0.2-2 >From fresh bookworm installation, In fail2ban, the sshd jail which is enable by default won’t work without rsyslog installed. The fail2ban service then fails to start.
