rsyslog a bad idea? Problems with ssh, openssh-server, fail2ban
11-11-2021, 05:59 PM
(11-09-2021, 11:14 AM)Anna Wrote: is there any benefit at all in using fail2ban? Or was the whole installation completely futile? Would it even be better to purge it?
If I understand your set up well you need to connect your PP to your computer at home on a private network, likely behind your modem firewall. fail2ban is typically installed on servers reachable through a public ip 24/24 like webservers storing commercial information. So the risks are lower in your setting to be subject of brute force attacks. Doesn't mean you shouldn't be concerned about security, but your thread model is different from webservers.
If you have a router firewall + on your machines (useful if your devices are mobile), are using your sshd occasionally when your machine is on, using basic hardening (prevent root login, use key authentification + password), limit login to the private ip of the second device, apply security updates regularly, then the risks are low.
Since f2b is installed, if you have disk space it doesn't hurt to keep it.
If you are interested in system hardening you can have a look at lynis (check cysofy on github). But use workstation parameters, if I understand your setting, server mode would be a bit too much.
