Well all I’m seeing in /var/logs/fail2ban.log is this:
2021-02-24 23:35:33,087 fail2ban.filter [670]: INFO [ssh] Found 68.225.60.23 - 2021-02-24 23:35:33
2021-02-24 23:35:33,193 fail2ban.filter [670]: INFO [sshd] Found 68.225.60.23 - 2021-02-24 23:35:33
2021-02-24 23:35:33,244 fail2ban.actions [670]: NOTICE [sshd] Ban 68.225.60.23
2021-02-24 23:35:33,247 fail2ban.actions [670]: NOTICE [ssh] Ban 68.225.60.23
2021-02-24 23:45:34,133 fail2ban.actions [670]: NOTICE [ssh] Unban 68.225.60.23
2021-02-24 23:45:34,133 fail2ban.actions [670]: NOTICE [sshd] Unban 68.225.60.23
Is there another place to look?
Also, I seem to have solved the problem by:
- Disabling fail2ban:
sudo systemctl stop fail2ban - Re-provision the
fail2bantag:trellis provision --tags fail2ban staging
I could still use some clarity on if the IP of the provisioning computer is automatically whitelisted with fail2ban.