First problem I encounter is about misconfiguration of network cards in this OpenVZ template. Here is the offical bug report and here is a solution for the template. One needs to make an ethernet device up everytime after reboot if he did not have installed this patch to OpenVZ template using a command like this
ifup ifcfg-venet0
or a temporary solution is adding
ARPCHECK="no"
line to /etc/sysconfig/network-scripts/ifcfg-venet0:0 for my case which survives until next reboot.
Second issue is about fail2ban and various system logs. Banning failed ssh attempts is a common task of a system administrator. Fail2ban seems to work in case all ssh logs are streamed to file /var/log/secure. Unfortunately in Centos 7 minimal installs ssh logs are not streamed to this file. Actually there are very few files under /var/log directory. It seems that an important portion of logs are left to be arranged by journalctl command. I installed fail2ban but iIt does not work. After some search I realized that because there are no logs on /var/log/secure file, fail2ban does not recognize failed attempts. After reading this I made sure that the problem is as described. And now it is time to route all ssh logs to /var/log/secure and try to make fail2ban work.
Update: You do not need to stream logs to /var/log/secure or any other file. An option
backend = systemd
to [DEFAULT] section of config file (like jail.local) solves the problem easily. One can use systemd logs directly.
Hiç yorum yok:
Yorum Gönder