Fail2ban Workaround for Ubuntu 24.04
One of the first things I wanted to do when Ubuntu 24.04 Long Term Support (LTS) was released late last month was test to ensure my bash security script still worked. As you can see from the screenshot above, it blew up when it got to the fail2ban installation.
The error messages generated by the script didn't help much in troubleshooting. When I tried to check on Fail2ban's status by running sudo fail2ban-client status, I got an error. Ultimately, this was the line that helped me find a workaround: fail2ban-server[1133]: 2024-02-25 02:27:28,952 fail2ban [1133]: ERROR No module named 'asynchat'
The bug report and workaround can be found here. I believe it was related to old Python not being supported, but the packaged version of Fail2ban requiring it.
The following two lines let me install Fail2ban:
wget https://launchpad.net/ubuntu/+source/fail2ban/1.1.0-1/+build/28291332/+files/fail2ban_1.1.0-1_all.deb
sudo dpkg -i fail2ban_1.1.0-1_all.debThen make sure Fail2ban isn't running with sudo fail2ban-client stop, then start it with sudo fail2ban-client start, then check the status with sudo fail2ban-client status. If all is good, you should get output similar to the following:
sudo fail2ban-client status
Status
|- Number of jail: 2
`- Jail list: ssh, sshdThis issue was fixed in 22.04.4, so it shouldn't be a problem if you've run the latest updates before attempting to install and run Fail2ban.
Another workaround would have been to install Fail2ban from source because the latest version directly from Fail2ban works, but that would mean you'd have to keep Fail2ban up to date manually instead of using apt.
If you'd like a bunch of security measures I run on any new server popped onto your machine with an easy to run bash script, check out my first-ten-seconds-redhat-ubuntu github page with instructions on various methods to run it. Be sure you have admin privileges set up for the user running the script and have key-based authentication configured before running the script.
