From where are you trying to ssh in?
Look in the fail2ban configuration file to see if you have any applicable ignoreip settings.
From where are you trying to ssh in?
Look in the fail2ban configuration file to see if you have any applicable ignoreip settings.
I'm trying to login from a machine on my local network IP address 192.168.1.235
I left the ignoreip setting at the default value 127.0.0.1
I can see the invalid login attempts in the log file configured in fail2ban
Aug 30 15:06:42 Rapier sshd[6078]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.235 user=root
Aug 30 15:06:44 Rapier sshd[6078]: Failed password for root from 192.168.1.235 port 50570 ssh2
Aug 30 15:06:49 Rapier sshd[6078]: Failed password for root from 192.168.1.235 port 50570 ssh2
Aug 30 15:06:55 Rapier sshd[6078]: Failed password for root from 192.168.1.235 port 50570 ssh2
Aug 30 15:06:57 Rapier sshd[6078]: Connection closed by authenticating user root 192.168.1.235 port 50570 [preauth]
Aug 30 15:06:57 Rapier sshd[6078]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.235 user=root
Aug 30 15:07:01 Rapier sshd[6166]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.235 user=root
Aug 30 15:07:03 Rapier sshd[6166]: Failed password for root from 192.168.1.235 port 50572 ssh2
Aug 30 15:07:08 Rapier sshd[6166]: Failed password for root from 192.168.1.235 port 50572 ssh2
Aug 30 15:07:11 Rapier sshd[6166]: Failed password for root from 192.168.1.235 port 50572 ssh2
Aug 30 15:07:13 Rapier sshd[6166]: Connection closed by authenticating user root 192.168.1.235 port 50572 [preauth]
Aug 30 15:07:13 Rapier sshd[6166]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.235 user=root
Aug 30 15:07:17 Rapier sshd[6236]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.235 user=root
Aug 30 15:07:19 Rapier sshd[6236]: Failed password for root from 192.168.1.235 port 50574 ssh2
Aug 30 15:07:25 Rapier sshd[6236]: Failed password for root from 192.168.1.235 port 50574 ssh2
Aug 30 15:07:30 Rapier sshd[6236]: Failed password for root from 192.168.1.235 port 50574 ssh2
Aug 30 15:07:31 Rapier sshd[6236]: Connection closed by authenticating user root 192.168.1.235 port 50574 [preauth]
Aug 30 15:07:31 Rapier sshd[6236]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.235 user=root
Aug 30 15:07:35 Rapier sshd[6332]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.235 user=root
Aug 30 15:07:37 Rapier sshd[6332]: Failed password for root from 192.168.1.235 port 50576 ssh2
Aug 30 15:07:46 Rapier sshd[6332]: Connection closed by authenticating user root 192.168.1.235 port 50576 [preauth]
Aug 30 15:08:43 Rapier sshd[6580]: Accepted password for root from 192.168.1.235 port 50578 ssh2
Aug 30 15:08:43 Rapier sshd[6580]: pam_unix(sshd:session): session opened for user root by (uid=0)
It looks like the Fail2ban service is failing to load
docker.service loaded active running Docker Application Container Engine
● fail2ban.service loaded failed failed Fail2Ban Service
folder2ram_startup.service loaded active exited folder2ram systemd service
Thanks for the reploy
I have problems when installing fail2ban (openmediavault-fail2ban 5.04) in OMV 5.5.9-1 May the package be broken?, when I try to install it I've got the error
Reading package lists...
Building dependency tree...
Reading state information...
The following additional packages will be installed:
fail2ban
Suggested packages:
sqlite3
Recommended packages:
python3-pyinotify
The following NEW packages will be installed:
fail2ban openmediavault-fail2ban
0 upgraded, 2 newly installed, 0 to remove and 37 not upgraded.
Need to get 0 B/414 kB of archives.
After this operation, 2057 kB of additional disk space will be used.
Selecting previously unselected package fail2ban.
(Reading database ... (Reading database ... 5%(Reading database ... 10%(Reading database ... 15%(Reading database ... 20%(Reading database ... 25%(Reading database ... 30%(Reading database ... 35%(Reading database ... 40%(Reading database ... 45%(Reading database ... 50%(Reading database ... 55%(Reading database ... 60%(Reading database ... 65%(Reading database ... 70%(Reading database ... 75%(Reading database ... 80%(Reading database ... 85%(Reading database ... 90%(Reading database ... 95%(Reading database ... 100%(Reading database ... 58914 files and directories currently installed.)
Preparing to unpack .../fail2ban_0.10.2-2.1_all.deb ...
Unpacking fail2ban (0.10.2-2.1) ...
Selecting previously unselected package openmediavault-fail2ban.
Preparing to unpack .../openmediavault-fail2ban_5.0.4_all.deb ...
Unpacking openmediavault-fail2ban (5.0.4) ...
Setting up fail2ban (0.10.2-2.1) ...
Created symlink /etc/systemd/system/multi-user.target.wants/fail2ban.service → /lib/systemd/system/fail2ban.service.
[fail2ban-tmpfiles.conf:1] Line references path below legacy directory /var/run/, updating /var/run/fail2ban → /run/fail2ban; please update the tmpfiles.d/ drop-in file accordingly.
Setting up openmediavault-fail2ban (5.0.4) ...
Updating configuration database ...
[0;1;31mKatze.myname:[0;0m
[0;1;31mData failed to compile:[0;0m
[0;1;31m----------
Rendering SLS 'base:omv.deploy.fail2ban.default' failed: Jinja error: action: Invalid value '', allowed values are 'action_, action_mw, action_mwl'.
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/salt/utils/templates.py", line 400, in render_jinja_tmpl
output = template.render(**decoded_context)
File "/usr/lib/python3/dist-packages/jinja2/asyncsupport.py", line 76, in render
return original_render(self, *args, **kwargs)
File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 1008, in render
return self.environment.handle_exception(exc_info, True)
File "/usr/lib/python3/dist-packages/jinja2/environment.py", line 780, in handle_exception
reraise(exc_type, exc_value, tb)
File "/usr/lib/python3/dist-packages/jinja2/_compat.py", line 37, in reraise
raise value.with_traceback(tb)
File "<template>", line 18, in top-level template code
File "/var/cache/salt/minion/extmods/modules/omv_conf.py", line 39, in get
objs = db.get(id_, identifier)
File "/usr/lib/python3/dist-packages/openmediavault/config/database.py", line 85, in get
query.execute()
File "/usr/lib/python3/dist-packages/openmediavault/config/database.py", line 724, in execute
self._response = self._elements_to_object(elements)
File "/usr/lib/python3/dist-packages/openmediavault/config/database.py", line 485, in _elements_to_object
result.validate()
File "/usr/lib/python3/dist-packages/openmediavault/config/object.py", line 235, in validate
self.model.validate(self.get_dict())
File "/usr/lib/python3/dist-packages/openmediavault/config/datamodel.py", line 200, in validate
self.schema.validate(data)
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 170, in validate
self._validate_type(value, schema, name)
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 224, in _validate_type
raise last_exception
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 195, in _validate_type
self._validate_object(value, schema, name)
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 300, in _validate_object
self._check_properties(value, schema, name)
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 508, in _check_properties
self._validate_type(value[propk], propv, path)
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 224, in _validate_type
raise last_exception
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 204, in _validate_type
self._validate_string(value, schema, name)
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 279, in _validate_string
self._check_enum(value, schema, name)
File "/usr/lib/python3/dist-packages/openmediavault/json/schema.py", line 468, in _check_enum
% (valuev, ", ".join(schema['enum'])),
openmediavault.json.schema.SchemaValidationException: action: Invalid value '', allowed values are 'action_, action_mw, action_mwl'.
; line 18
---
[...]
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
{% set config = salt['omv_conf.get']('conf.service.fail2ban') %} <======================
{% set script_prefix = salt['pillar.get']('default:OMV_FAIL2BAN_JAIL_PREFIX', 'openmediavault-') %}
{% set scripts_dir = salt['pillar.get']('default:OMV_FAIL2BAN_JAIL_DIR', '/etc/fail2ban/jail.d') %}
{% if config.enable | to_bool %}
[...]
---[0;0m
dpkg: error processing package openmediavault-fail2ban (--configure):
installed openmediavault-fail2ban package post-installation script subprocess returned error exit status 1
Processing triggers for openmediavault (5.5.8-1) ...
Updating locale files ...
Updating file permissions ...
Purging internal cache ...
Restarting engine daemon ...
Processing triggers for systemd (241-7~deb10u4) ...
Errors were encountered while processing:
openmediavault-fail2ban
>>> *************** Error ***************
<<< *************************************I had a similar problem installing fail2ban.
The webui component should be visible even though it didn't fully install. Go to the webui and fill in the last box action with one of the calling values. I used action_mwl. Then login via ssh and do a sudo apt-get upgrade and the package should complete it's installation
That procedure worked in my installation, thank you.
The package is still broken!!!
The package is still broken!!!
Yep and as I reported in a couple of other threads, I need to fix it. I haven't had time...
Can you also think about adding 'recidive jail' inside the options and WebIf GUI
Can you also think about adding 'recidive jail' inside the options and WebIf GUI
Is there a reason this needs to be maintained in the plugin rather than letting the user add it?
could be me but I didn't see the option in the GUI?
could be me but I didn't see the option in the GUI?
I don't use this plugin and only maintain it enough to port to new versions of OMV. I glanced at your link and it looked like it was just another jail that you could. While the recidive jail would be easy to add, the article suggests a big change to the the bantime that I don't feel comfortable making. You could add a recidive file in /etc/fail2ban/jail.d/ that the plugin wouldn't touch as long as the filename didn't start with openmediavault-.
HI ryecoaaron,
yes installed it manual last weekend.
thx for your reply!
Don’t have an account yet? Register yourself now and be a part of our community!
