self-taught
On Debian/Ubuntu:
sudo apt install fail2ban
# jail.local gets read after jail.conf, it is better to create it instead of modifying directly jail.conf
sudo cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local
sudo vim /etc/fail2ban/jail.local[sshd]
enabled = true
port = ssh
backend = systemd
maxretry = 2
findtime = 3600 # for 1 hour
bantime = 86400 # for 1 day
ignoreip = 127.0.0.1sudo systemctl restart fail2banMonitoring
sudo fail2ban-client status sshd
sudo iptables -L -nUnbanning
sudo fail2ban-client unban --all
sudo fail2ban-client unban <ip-address>