Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
security
sshguard
sshguard.conf
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File sshguard.conf of Package sshguard
# #!/bin/sh # sshguard.conf -- SSHGuard configuration # Options that are uncommented in this example are set to their default # values. Options without defaults are commented out. #### REQUIRED CONFIGURATION #### # Full path to backend executable (required, no default) BACKEND="path_and_script" # Space-separated list of log files to monitor. Ignored if LOGREADER is set. # (optional, no default) #FILES="/var/log/auth.log /var/log/authlog /var/log/maillog" # Shell command that provides logs on standard output. (optional, no default) # Example 1: ssh and sendmail from systemd journal: #LOGREADER="LANG=C /usr/bin/journalctl -afb -p info -n1 -t sshd -t sendmail -o cat" # Example 2: ssh from os_log (macOS 10.12+) #LOGREADER="/usr/bin/log stream --style syslog --predicate '(processImagePath contains \"sshd\")'" LOGREADER="LANG=C /usr/bin/journalctl -afb -p info -n1 -t sshd -o cat" #### OPTIONS #### # Block attackers when their cumulative attack score exceeds THRESHOLD. # Most attacks have a score of 10. (optional, default 30) THRESHOLD=30 # Block attackers for initially BLOCK_TIME seconds after exceeding THRESHOLD. # Subsequent blocks increase by a factor of 1.5. (optional, default 120) BLOCK_TIME=120 # Remember potential attackers for up to DETECTION_TIME seconds before # resetting their score. (optional, default 1800) DETECTION_TIME=1800 # Size of IPv6 'subnet to block. Defaults to a single address, CIDR notation. (optional, default to 128) IPV6_SUBNET=128 # Size of IPv4 subnet to block. Defaults to a single address, CIDR notation. (optional, default to 32) IPV4_SUBNET=32 #### EXTRAS #### # !! Warning: These features may not work correctly with sandboxing. !! # Full path to PID file (optional, no default) PID_FILE="/run/sshguard.pid" # Colon-separated blacklist threshold and full path to blacklist file. # (optional, no default) BLACKLIST_FILE="90:/var/lib/sshguard/db/blacklist.db" # IP addresses listed in the WHITELIST_FILE are considered to be # friendlies and will never be blocked. WHITELIST_FILE="/etc/sshguard/whitelist"
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor