详见 github: fail2ban 安装 fail2ban, 以 ubuntu 为例 apt update && apt upgrade apt install fail2ban systemctl start fail2ban systemctl enable fail2ban 配置 fail2ban fail2ban 分为 server 和 client 在 /etc/fail2ban/jail.d 中增加一个自定义 conf, 如 my-jail.conf (从 defaults-debian.conf 复制得到), 添加如下 sshd 配置 # my-jail.conf [DEFAULT] banaction = nftables banaction_allports = nftables[type=allports] backend = systemd [sshd] enabled = true port = 2222 filter = sshd maxretry = 3 bantime = 2592000 # 2592000second = 30day, -1 为永久封禁 重启 fail2ban sudo systemctl restart fail2ban #重启 sudo fail2ban-client status #查看状态 sudo fail2ban-client status sshd #查看sshd的详细状态 查看已禁用的ip fail2ban-client get sshd banned fail2ban-client status sshd # 查看登录尝试记录 lastb # 显示显示失败的登录尝试 last # 与 lastb 类似，但显示的是所有登录尝试，包括成功的登录