问题描述
服务器Ubuntu 20.04开启fail2ban失败,通过journactltl -f查看日志发现错误ERROR Failed during configuration: Have not found any log file for sshd jail。大致的原因就是fail2ban找不到sshd的日志文件。
Sep 09 09:52:17 test systemd[1]: Starting Fail2Ban Service...
Sep 09 09:52:17 test systemd[1]: Started Fail2Ban Service.
Sep 09 09:52:17 test fail2ban-server[370030]: 2024-09-09 09:52:17,874 fail2ban [370030]: ERROR Failed during configuration: Have not found any log file for sshd jail
Sep 09 09:52:17 test fail2ban-server[370030]: 2024-09-09 09:52:17,881 fail2ban [370030]: ERROR Async configuration of server failed
Sep 09 09:52:17 test systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
Sep 09 09:52:17 test systemd[1]: fail2ban.service: Failed with result 'exit-code'.
解决方法(TL;DR:)
执行下边指令:
echo -e "[sshd]\nbackend=systemd\nenabled=true" | sudo tee /etc/fail2ban/jail.local
之后再次重启fail2ban服务即可!
如果上述方法不行的话,可以试试以下方法(debian 12):
apt install python3-systemd- include
backend=systemdin thejail.localas above- and since Debian 12 is well and truly systemd (by default) now: it should have fail2ban log to systemd journal instead of the logfile. (
logtarget = SYSTEMD-JOURNAL) in the[DEFAULT]section.
参考文章
[BR]: fail2ban does not start on some debian/ubuntu systems - backend should probably be set to systemd on all systemd-based distros #3292
