Configuring Proxmox after installation
There are a few important things to do after installing Proxmox.
Update the system to the latest version
To do this, go to the console of our server and disable the paid repository (available only to those who bought paid support). If this is not done, apt will report an error when updating package sources.
- Open the console and edit the apt configuration file:
2. There is only one line in this file. Write a "#" symbol in front of it to disable the option of receiving updates from a paid repository:
3. Press Ctrl + X to exit the editor, answering "Y" to the system's question about saving the file.
4. Run the update package sources command:
5. Update all packages:
Take care of safety
1.Open the server console via the web interface or SSH.
2. Update package sources:
3. Install Fail2Ban:
4. Open the utility configuration for editing:
5. Change the variables bantime (the number of seconds the attacker will be blocked for) and maxretry (the number of attempts to enter the login / password) for each individual service.
6. Use the Ctrl + X keyboard shortcut to exit the editor, answering "Y" to the system's question about saving the file.
7. Restart service::
You can check the status of the utility, for example, to remove blocking statistics from the blocked IP addresses, from which the attempts have been made to brute force SSH
passwords. You can do these tasks with one simple command:
The utility's response will look something like this:
INFO Loading configs for fail2ban under /etc/fail2ban
INFO Loading files: ['/etc/fail2ban/fail2ban.conf']
INFO Loading files: ['/etc/fail2ban/fail2ban.conf']
INFO Using socket file /var/run/fail2ban/fail2ban.sock
Status for the jail: sshd
|- Filter
| |- Currently failed: 3
| |- Total failed: 4249
| `- File list: /var/log/auth.log
`- Actions
|- Currently banned: 0
|- Total banned: 410
`- Banned IP list:
In a similar way, you can close the Web interface from such attacks by creating an appropriate rule. An example of such a rule for Fail2Ban can be found in the official guide. https://pve.proxmox.com/wiki/Fail2ban