SSHGuard 2.0.0 has been released, and here are the highlights:
- Support reading from os_log on macOS 10.12 and systemd journal
- Add firewalld backend (tutorial)
- Add ipset backend
- Resurrect the ipfilter backend
- Preliminary support for Capsicum and pledge()
- Match “no matching cipher” for SSH
- Annotate logs using -a flag to sshg-parser
- SSHGuard requires a configuration file to start
- Runtime flags now configurable in the sshguard.conf configuration file
- Add warning when reading from standard input
- Build and install all backend scripts by default
- Improve log messages and tweak logging priorities
- Remove process validation (-f option)
- Fix ipfw backend on FreeBSD 11
- Fix initial block time being doubled
- Update Dovecot pattern for macOS
- Use standard score for Sendmail auth attack
There has been a lot of changes to how SSHGuard is configured in this release. Most notable, piped commands and runtime flags should be moved from the init script to the permanent configuration file. The release contains example configurations for systemd and the journal on Linux, launchd and os_log on macOS, as well as a fully documented sshguard.conf in examples/.
Maintainers and distributors should make sure they update their distribution-specific configurations accordingly.
Lates Releases View all»
F.A.Q. View all»
- Sshguard does not workYou have one of these problems: sshguard is not given logs correctly sshguard cannot run the commands for ...
- What does sshguard do?The short version is: it receives log messages, it detects when a networked service has been abused based ...
- How do I enable monitoring for service X?You don't. Sshguard enables monitoring for all supported services straight out of the box. If you think ...