Fail2Ban Useful Commands Cheat Sheet
Fail2Ban Useful Commands Cheat Sheet
This page outlines essential fail2ban-client commands to help monitor, manage, and interact with Fail2Ban jails. These are especially useful when securing SSH access or reviewing suspicious login attempts.
📊 General Status Overview
sudo fail2ban-client statusLists all active jails and global stats.
🔎 Check a Specific Jail (e.g., SSH)
sudo fail2ban-client status sshdReturns:
-
Current failed attempts
-
Total failed attempts
-
Currently banned IPs
-
Log file being watched
📋 List Banned IPs
sudo fail2ban-client get sshd bannedDisplays all IP addresses currently banned for that jail.
⏱️ Check Ban Duration
sudo fail2ban-client get sshd bantimeOutputs the current
bantime(in seconds) configured for the jail.
🔄 Unban an IP
sudo fail2ban-client set sshd unbanip <ip-address>Manually remove a banned IP from the list.
🪵 View Real-Time Ban Events
sudo tail -f /var/log/fail2ban.logUse this to monitor login failures and ban actions in real time.
🔁 Restart Fail2Ban
sudo systemctl restart fail2banRestart the Fail2Ban service after modifying configs or jail files.