diff --git a/hosts/nixos/common/global/services/openssh.nix b/hosts/nixos/common/global/services/openssh.nix
index 36a96b5..5cacd84 100644
--- a/hosts/nixos/common/global/services/openssh.nix
+++ b/hosts/nixos/common/global/services/openssh.nix
@@ -65,7 +65,7 @@ in
   };
 
   # By default, this will ban failed ssh attempts
-  services.fail2ban.enable = true;
+  services.fail2ban.enable = lib.mkDefault true;
 
   # Makes it easy to copy host keys at install time without messing up permissions
   systemd.tmpfiles.rules = [
diff --git a/hosts/nixos/lapetus/default.nix b/hosts/nixos/lapetus/default.nix
index 8dab344..02c4ba4 100644
--- a/hosts/nixos/lapetus/default.nix
+++ b/hosts/nixos/lapetus/default.nix
@@ -71,6 +71,7 @@
   services.openssh.settings.PermitRootLogin = "yes";
   users.users.root.openssh.authorizedKeys.keyFiles =
     config.users.users.pilot.openssh.authorizedKeys.keyFiles;
+  services.fail2ban.enable = false;
   # }}}
 
   boot.loader.systemd-boot.enable = true;