Forge Home

sshguard

Puppet module to install sshguard

12,032 downloads

12,032 latest version

3.5 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.2.1 (latest)
released Aug 21st 2014

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'grafjo-sshguard', '0.2.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add grafjo-sshguard
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install grafjo-sshguard --version 0.2.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: ssh, sshguard

Documentation

grafjo/sshguard — version 0.2.1 Aug 21st 2014

#sshguard Build Status

A Puppet module to install and manage sshguard

##Usage

To use this module with the default configuration, just start with this:

class { 'sshguard':}

All changes can be done via class {'sshguard':}. See following parameters

#####version Puppet package ensure - see Type Reference

manage_service_ensure

Puppet service ensure - see Type Reference

manage_service_enable

Puppet service enable - see Type Reference

Customize /etc/sshguard/whitelist

whitelist

Array containing addr/host/block e.g whitelist['127.0.0.0/8','host.example.com']. Values will be written into /etc/sshguard/whitelist. To see some examples check /usr/share/doc/sshguard/examples/whitelistfile.example.

Customize /etc/default/sshguard

enable_firewall

Settingenable_filewall = 0 will prevent sshguard init script from changing firewall rules - it's your job then!

logfiles

Array containing logfiles to be scanned by sshguard e.g logfiles = ['/var/log/auth.log','/var/log/syslog'].

safety_thresh

Number of hits after which blocking an address - default is 40.

pardon_min_interval

Seconds after which unblocking a blocked address - default is 420.

prescribe_interval

Seconds after which forgetting about a cracker candidate - default is 1200.

Authors

License

puppet-sshguard is released under the MIT License. See the bundled LICENSE file for details.