Forge Home


Puppet module to install sshguard


12,041 latest version

3.5 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 0.2.1 (latest)
released Aug 21st 2014

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'grafjo-sshguard', '0.2.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add grafjo-sshguard
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install grafjo-sshguard --version 0.2.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Tags: ssh, sshguard


grafjo/sshguard — version 0.2.1 Aug 21st 2014

#sshguard Build Status

A Puppet module to install and manage sshguard


To use this module with the default configuration, just start with this:

class { 'sshguard':}

All changes can be done via class {'sshguard':}. See following parameters

#####version Puppet package ensure - see Type Reference


Puppet service ensure - see Type Reference


Puppet service enable - see Type Reference

Customize /etc/sshguard/whitelist


Array containing addr/host/block e.g whitelist['','']. Values will be written into /etc/sshguard/whitelist. To see some examples check /usr/share/doc/sshguard/examples/whitelistfile.example.

Customize /etc/default/sshguard


Settingenable_filewall = 0 will prevent sshguard init script from changing firewall rules - it's your job then!


Array containing logfiles to be scanned by sshguard e.g logfiles = ['/var/log/auth.log','/var/log/syslog'].


Number of hits after which blocking an address - default is 40.


Seconds after which unblocking a blocked address - default is 420.


Seconds after which forgetting about a cracker candidate - default is 1200.



puppet-sshguard is released under the MIT License. See the bundled LICENSE file for details.