Help installing fail2ban or denyhost & SSH

[UnwiseYoda]

Hey all!
I am trying to figure out how to install either fail2ban or denyhost into the jail of freenas. I have searched for a how to guide and not had any luck other than it was possible. I am a total noob to FreeBSD. Im looking to add a little extra security as I have already seen a couple bruteforce username/password attacks.
I have port 4040 forwarded for subsonic and 8991 forwarded through my router for ssh. I plan on disabling password logins once I can get the private and public keys generated from putty to work, still trying to figure it out though. Even though I pasted the public key into the user it wont login.
No VPN supported through the router other than through l2tp, pptp and ipsec. If thats all I need for VPN I guess I dont understand how to utilize that in itself.

Thanks in advance!

 

[jgreco]

sshguard is known to work well with FreeBSD and is a standalone executable.

However, most of these things rely on being able to install firewall rules, etc., to disable access to the system. You generally cannot do that from a jail, and FreeNAS doesn't include a firewall that I'm aware of anyways.

 

[UnwiseYoda]

Would the best way to accomplish something like that be to run freenas in a virtual machine environment with the firewall running in the main OS like freebsd or linux? Thanks again for the help!

 

[ben]

Having FreeNAS in a network behind a discrete firewall is the intended use case. Running FreeNAS in a VM is sub-optimal, but if it has direct control of the drives and there are no networking complications it CAN work.