Today I flashed Raspberry Pi OS Lite (Debian 12) for my new Raspberry Pi 5, I set up SSH and everything through the headless setup and when I finally wanted to install fail2ban I realized I didn’t work.
Running systemctl status fail2ban revealed that something was off:
[...]
Active: failed
Process: ExecStart=/usr/bin/fail2ban-server -xf start (code=exited, status=255/EXCEPTION)
[...]
ERROR Failed during configuration: Have not found any log file for sshd jail
ERROR Async configuration of server failed
[...]
systemd[1]: fail2ban.service: Main process exited, code=exited, status=255/EXCEPTION
systemd[1]: fail2ban.service: Failed with result 'exit-code'.It seems something was wrong with the config. Note that I haven’t modified the default config.
It seems it could not find any logfiles for SSH…
Let’s look at the default Debian config: nano /etc/fail2ban/jail.d/defaults-debian.conf
This is what’s inside the file:
[sshd]
enabled = trueSeems pretty basic. But here’s the issue: The default config is broken.
Here’s what it should actually look like:
[sshd]
backend=systemd
enabled = trueThat’s because instead of SSH log files, it will use systemd as backend. This way fail2ban will work.
Now simply systemctl restart fail2ban and then systemctl status fail2ban should reveal it’s working as it should.
Note: Not all systems enable fail2ban to start by default on boot, so also make sure to run systemctl enable --now fail2ban to make sure it will be running.
I hope this quick fix helped you out. I run this blog in my spare time, consider donating a cup of coffee. ☕
Leave A Comment