1 files added
2 files modified
| | |
| | | <page name="bugtraq" src="setup_bugtraq.mkd" />
|
| | | <page name="mirrors" src="setup_mirrors.mkd" />
|
| | | <page name="scaling" src="setup_scaling.mkd" />
|
| | | <page name="fail2ban" src="setup_fail2ban.mkd" />
|
| | | <divider />
|
| | | <page name="Gitblit as a viewer" src="setup_viewer.mkd" />
|
| | | </menu>
|
| | |
| | | return true; |
| | | } |
| | | |
| | | log.warn("could not authenticate {} for SSH using the supplied password", username); |
| | | log.warn("could not authenticate {} ({}) for SSH using the supplied password", username, client.getRemoteAddress()); |
| | | return false; |
| | | } |
| | | } |
New file |
| | |
| | | ## Configure fail2ban for Gitblit-SSH |
| | | |
| | | This procedure is based on a Debian installation of [fail2ban](http://www.fail2ban.org/), but it should works in any installation. |
| | | |
| | | First, create a new filter file `gitblit.conf` in filter directory (Debian: `/etc/fail2ban/filter.d/`) or into `filter.conf` file. Here an example: |
| | | |
| | | [Definition] |
| | | failregex = could not authenticate .*? \(/<HOST>:[0-9]*\) for SSH using the supplied password$ |
| | | ignoreregex = |
| | | |
| | | Then edit `jail.conf` to add "gitblit" service (Debian: `/etc/fail2ban/jail.conf`). For example: |
| | | |
| | | [gitblit] |
| | | enabled = true |
| | | port = 22 |
| | | protocol = tcp |
| | | filter = gitblit |
| | | logpath = /var/log/gitblit.log |
| | | |
| | | Restart fail2ban to apply (Debian: `/etc/init.d/fail2ban restart`). |