sshguard

Puppet module to install sshguard

Johannes Graf

grafjo

9,711 downloads

9,711 latest version

3.5 quality score

Version information

  • 0.2.1 (latest)
released Aug 21st 2014

Start using this module

Tags: sshguard, ssh

Documentation

grafjo/sshguard — version 0.2.1 Aug 21st 2014

#sshguard Build Status

A Puppet module to install and manage sshguard

##Usage

To use this module with the default configuration, just start with this:

class { 'sshguard':}

All changes can be done via class {'sshguard':}. See following parameters

#####version Puppet package ensure - see Type Reference

manage_service_ensure

Puppet service ensure - see Type Reference

manage_service_enable

Puppet service enable - see Type Reference

Customize /etc/sshguard/whitelist

whitelist

Array containing addr/host/block e.g whitelist['127.0.0.0/8','host.example.com']. Values will be written into /etc/sshguard/whitelist. To see some examples check /usr/share/doc/sshguard/examples/whitelistfile.example.

Customize /etc/default/sshguard

enable_firewall

Settingenable_filewall = 0 will prevent sshguard init script from changing firewall rules - it's your job then!

logfiles

Array containing logfiles to be scanned by sshguard e.g logfiles = ['/var/log/auth.log','/var/log/syslog'].

safety_thresh

Number of hits after which blocking an address - default is 40.

pardon_min_interval

Seconds after which unblocking a blocked address - default is 420.

prescribe_interval

Seconds after which forgetting about a cracker candidate - default is 1200.

Authors

License

puppet-sshguard is released under the MIT License. See the bundled LICENSE file for details.