Twoje komentarze
1) create a new filter config file ajenti-auth.conf....
Step A: Run the below command
Sudo vi /etc/fail2ban/filter.d/ajenti-auth.conf
Step B: Copy the below and paste inside the above file
# Fail2Ban filter for ajenti
[INCLUDES]
before = common.conf
[Definition]
_daemon = ajenti
failregex = ^%(__prefix_line)sfailed login attempt for .* through .* from <HOST>\s*$
ignoreregex =
2) Add the jail settings to the end of the jail.local file...
Step A: Run the below command
sudo vi /etc/fail2ban/jail.local
Step B: Copy the below and paste inside the above file at the end
[ajenti-auth]
enabled = true
port = 8000
filter = ajenti-auth
logpath = /var/log/auth.log
maxretry = 3
3) Restart the service...
Step A: Run the below command
sudo service fail2ban restart
Customer support service by UserEcho
No nothing is added to the config.json file. The above is implemented and tested on Ubuntu 14.04 and Ajent v1.2.23.8
Here is an example of the logs from a server:
Jul 28 00:55:23 localhost ajenti: failed login attempt for root ("fail") through AjentiSyncProvider from X.X.X.X
Jul 28 00:55:37 localhost ajenti: user root logged in through AjentiSyncProvider from X.X.X.X