Re: [opensuse] Re: fail2ban - a cautionary note

8 Nov 2016

      On Tue, Nov 8, 2016 at 12:53 PM, Lew Wolfgang  wrote:
...
On 11/08/2016 09:43 AM, John Andersen wrote:
...
On 11/07/2016 06:59 PM, Greg Freemyer wrote:
...
On Mon, Nov 7, 2016 at 9:43 PM, Linda Walsh  wrote:
...
Greg Freemyer wrote:
...
Apparently my ISP changed my IP and I had made a typo or two in my
password since the IP change.
---
         I take it you don't have fixed IP?  Since if you did,
that would be real weird just to have your IP changed out from under
you.
Correct, but it hadn't change in 3 years I assume.  That's when I
setup the server.
But that leaves me wondering...
Server in the cloud
Variable IP
How do you find it?
How do the users of such a cloud find it?
Does cloud service supply some kind of dns service?
Can't you add a FQDN to fail2ban instead of an IP?
I'm confused.  I assumed that OP's home IP changed.  Your cloudy server
changing IP is a completely different issue, right?
Lew is right.  The cloud based server is a VM I rent.  It has a static
IP that has never changed.

In the fail2ban config on that server I have:

ignoreip = 1.2.3.4       where that would be my home IP.

That means no matter how often I fat finger the password when working
at my house and trying to connect to the server via SSH it doesn't
lock me out.

Several days ago, I got locked out.

I logged into the server via a "console" login provided by the VM
provider.  It is basically only used for emergency access to the
server when it won't boot, etc.

Using the emergency login feature, I changed the ignoreip IP to my new
home IP and I can now ssh in again.
...
But using a FQDN for access would open up possible security and DOS
issues, wouldn't it?
I have no firewall holes in my home router.  All socket initiation is outbound.
...
Regards,
Lew
Greg

-- 
To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org
To contact the owner, e-mail: opensuse+owner@opensuse.org