fail2ban on ProxMox VE node

F

Francesco Piraneo G.

Member
Jun 11, 2019
41
2
13
54
Hi all,

on the (exposed) IP address of the ProxMox VE node (the IP where the http console is listening) there is also open the SSH port where I can login through SSH client to this address with a password.

As my experience lots of people try brute force attacks to this port when is exposed and a password login is dangerous! It's possible to change to login only with certificate or integrate a fail2ban to mitigate such attacks? Is there any warning to do so?

Thanks again for help!
 
PVE is standard debian under the hood, so you can simply change the SSH daemon settings to disallow passwords like this:

Code: 
edit /etc/ssh/sshd_config
set 'PasswordAuthentication no'
systemctl restart sshd

We also have a guide on the wiki on how to enable fail2ban for the web interface, to use it for SSH just follow the regular installation instructions from f2b.
 
You must log in or register to reply here.
Top Bottom