Enable Fail2Ban jail from bash Script

I’m automating initial server setup with Ubuntu 18.04 on Digital Ocean, using the user-data insert to start a new server.
I’ve got it to install Fail2Ban, but now I need to add the jails, starting with [sshd],
which is just a matter of adding enabled = true.

I’ve recently learned echo would append to the end of the file,
or I could use sed to edit an existing line…
But how would I add a new line in between existing lines, when there’s nothing to be replaced?

/etc/fail2ban/jail.local

#
# JAILS
#

#
# SSH servers
#

[sshd]

# To use more aggressive sshd modes set filter parameter "mode" in jail.local:
# normal (default), ddos, extra or aggressive (combines all).
# See "tests/files/logs/sshd" or "filter.d/sshd.conf" for usage example and details.
#mode   = normal
port    = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s


[dropbear]

port     = ssh
logpath  = %(dropbear_log)s
backend  = %(dropbear_backend)s


[selinux-ssh]

port     = ssh
logpath  = %(auditd_log)s


#
# HTTP servers
#

I need to add enabled = true below the line starting with backend and above the stanza for [dropbear]:

backend = %(sshd_backend)s
enabled = true

[dropbear]

What I have for Fail2Ban in the script so far:

# Chapter 15, Security

# Fail2Ban

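# -y answers the confirmation prompt, which a user-data script cannot do interactively
apt install -y fail2ban

# Edit a local copy so package upgrades do not overwrite the changes
cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

# The addresses contain "/", so use "|" as the sed delimiter
sed -i 's|#ignoreip = 127.0.0.1/8 ::1|ignoreip = 127.0.0.1/8 ::1 192.168.1.0/24|' /etc/fail2ban/jail.local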

# sed -i 's/bantime = 10m/bantime = 10m/' /etc/fail2ban/jail.local

sed -i 's/maxretry = 5/maxretry = 7/' /etc/fail2ban/jail.local

# sed -i 's/…/port = ssh/' /etc/fail2ban/jail.local

# sed -i 's/…/enabled = true/' /etc/fail2ban/jail.local
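
One way to do the insert asked about above, as an added example that is not part of the original post: an awk filter that tracks which stanza it is in and places enabled = true under the backend line of the named jail only, so re-running the provisioning script does not duplicate the key. The function names enable_jail and write_sample and the sample file contents are assumptions constructed for this illustration.

```shell
#!/bin/sh
# Added example: enable one Fail2Ban jail in place; safe to re-run.

# enable_jail FILE JAIL
# Puts "enabled = true" directly below the "backend" line of [JAIL].
# Returns non-zero and leaves FILE untouched if the stanza or its
# backend line is missing.
enable_jail() {
    ej_file=$1
    ej_jail=$2
    ej_tmp=$(mktemp) || return 1
    awk -v jail="[$ej_jail]" '
        # Any line starting with "[" opens a new stanza.
        /^\[/ { in_jail = ($0 == jail) }
        # Replace an existing "enabled" key instead of adding a second one.
        in_jail && /^enabled[ \t]*=/ {
            if (!placed) print "enabled = true"
            placed = 1
            next
        }
        { print }
        # Insert the key right after the backend line of the target stanza.
        in_jail && !placed && /^backend[ \t]*=/ { print "enabled = true"; placed = 1 }
        END { exit !placed }
    ' "$ej_file" > "$ej_tmp" || { rm -f "$ej_tmp"; return 1; }
    # Overwrite through cat so the file keeps its owner and mode.
    cat "$ej_tmp" > "$ej_file"
    rm -f "$ej_tmp"
}

# Constructed sample: a short excerpt shaped like the jail.local shown above.
write_sample() {
    cat > "$1" <<'EOF'
[sshd]

#mode   = normal
port    = ssh
logpath = %(sshd_log)s
backend = %(sshd_backend)s


[dropbear]

port     = ssh
logpath  = %(dropbear_log)s
backend  = %(dropbear_backend)s
EOF
}

# Demo on a temporary copy of the sample; the real call would be
#   enable_jail /etc/fail2ban/jail.local sshd
demo=$(mktemp) && write_sample "$demo" && enable_jail "$demo" sshd && cat "$demo"
rm -f "$demo"
```

After the real file is edited, restart the fail2ban service and run fail2ban-client status sshd to confirm the jail is active.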
