Configuring Proxmox after installation

There are a few important things to do after installing Proxmox.

Update the system to the latest version

To do this, go to the console of our server and disable the paid repository (available only to those who bought paid support). If this is not done, apt will report an error when updating package sources.

  1. Open the console and edit the apt configuration file:
nano /etc/apt/sources.list.d/pve-enterprise.list

2. There is only one line in this file. Write a "#" symbol in front of it to disable the option of receiving updates from a paid repository:

#deb stretch pve-enterprise

3. Press Ctrl + X to exit the editor, answering "Y" to the system's question about saving the file.

4. Run the update package sources command:

apt update

5. Update all packages:

apt -y upgrade

Take care of safety

1.Open the server console via the web interface or SSH.

2. Update package sources:

apt update

3. Install Fail2Ban:

apt install fail2ban

4. Open the utility configuration for editing:

nano /etc/fail2ban/jail.conf

5. Change the variables bantime (the number of seconds the attacker will be blocked for) and maxretry (the number of attempts to enter the login / password) for each individual service.

6. Use the Ctrl + X keyboard shortcut to exit the editor, answering "Y" to the system's question about saving the file.

7. Restart service::

systemctl restart fail2ban

You can check the status of the utility, for example, to remove blocking statistics from the blocked IP addresses, from which the attempts have been made to brute force SSH
. You can do these tasks with one simple command:

fail2ban-client -v status sshd

The utility's response will look something like this:

root@hypervisor:~# fail2ban-client -v status sshd
INFO Loading configs for fail2ban under /etc/fail2ban
INFO Loading files: ['/etc/fail2ban/fail2ban.conf']
INFO Loading files: ['/etc/fail2ban/fail2ban.conf']
INFO Using socket file /var/run/fail2ban/fail2ban.sock
Status for the jail: sshd
|- Filter
| |- Currently failed: 3
| |- Total failed: 4249
| `- File list: /var/log/auth.log
`- Actions
|- Currently banned: 0
|- Total banned: 410
`- Banned IP list:

In a similar way, you can close the Web interface from such attacks by creating an appropriate rule. An example of such a rule for Fail2Ban can be found in the official guide.