Bookworm, fail2ban and sshd
I'm trying to set fail2ban up on bookworm. It refuses to run with the
default configuration (sshd only), reporting:
Failed during configuration: Have not found any log file for sshd jail
Near as I can figure, fail2ban expects sshd's log file to be
/var/log/auth.log. Which does not exist on my target machine.
On a brief inspection, machines that have new installations of bookworm
do not have /var/log/auth.log. Machines running bullseye or upgraded
from bullseye to bookworm have it.
Commenting out sshd's "enabled" line (in
/etc/fail2ban/jail.d/defaults-debian.conf) allows the daemon to start,
but it isn't doing anything useful.
--
Does anybody read signatures any more?
https://charlescurley.com
https://charlescurley.com/blog/
Reply to: