Linux Security

Fail2ban basics for SSH

Automatically block IPs hammering SSH — simple jail config for small servers.

12 min read Intermediate Updated 9 Jun 2026
Linux library Start the guide

Step-by-step guide

Work through each section in order. Stop when your issue is resolved — you do not need every step for every situation.

Warning

Use a sudo-capable account, keep shell history for audit, and back up critical paths before changing boot, SSH, or package state.

What you will achieve

Automatically block IPs hammering SSH — simple jail config for small servers.

1) Install and enable fail2ban

sudo apt update
sudo apt install -y fail2ban
sudo systemctl enable --now fail2ban

2) Create SSH jail config

[sshd]
enabled = true
bantime = 1h
findtime = 10m
maxretry = 5

3) Check ban status

sudo fail2ban-client status
sudo fail2ban-client status sshd

Related guides

fail2ban security ssh

Related guides

Continue with these next if you are building a fuller setup or troubleshooting path.

Security
Harden SSH server on Linux
Lock down SSH without locking yourself out — test every change in a second session.
Read guide