If you have this in your /etc/fail2ban/jail.local configuration file:
# "bantime" is the number of seconds that a host is banned.
bantime = 31536000 # 1 year
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime = 604800 # 7 days
and you get these errors when you restart fail2ban (service fail2ban restart):
WARNING Wrong value for 'findtime' in 'ssh'. Using default one: '600'
WARNING Wrong value for 'bantime' in 'ssh'. Using default one: '600'
change it to this (put the comment on a separate line):
# "bantime" is the number of seconds that a host is banned.
# 1 year
bantime = 31536000
# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
# 7 days
findtime = 604800
This is explained in the following bug report:
fail2ban: Incorrect parsing of commented text after reading a value from config file
If you want to set a permanent ban time, use a negative number.
# "bantime" is the number of seconds that a host is banned.
# permanent ban
bantime = -1