Forge Home

sshguard

Puppet module to install sshguard

11,234 downloads

11,234 latest version

3.5 quality score

Version information

  • 0.2.1 (latest)
released Aug 21st 2014

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'grafjo-sshguard', '0.2.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add grafjo-sshguard
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install grafjo-sshguard --version 0.2.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: ssh, sshguard

Documentation

grafjo/sshguard — version 0.2.1 Aug 21st 2014

#sshguard Build Status

A Puppet module to install and manage sshguard

##Usage

To use this module with the default configuration, just start with this:

class { 'sshguard':}

All changes can be done via class {'sshguard':}. See following parameters

#####version Puppet package ensure - see Type Reference

manage_service_ensure

Puppet service ensure - see Type Reference

manage_service_enable

Puppet service enable - see Type Reference

Customize /etc/sshguard/whitelist

whitelist

Array containing addr/host/block e.g whitelist['127.0.0.0/8','host.example.com']. Values will be written into /etc/sshguard/whitelist. To see some examples check /usr/share/doc/sshguard/examples/whitelistfile.example.

Customize /etc/default/sshguard

enable_firewall

Settingenable_filewall = 0 will prevent sshguard init script from changing firewall rules - it's your job then!

logfiles

Array containing logfiles to be scanned by sshguard e.g logfiles = ['/var/log/auth.log','/var/log/syslog'].

safety_thresh

Number of hits after which blocking an address - default is 40.

pardon_min_interval

Seconds after which unblocking a blocked address - default is 420.

prescribe_interval

Seconds after which forgetting about a cracker candidate - default is 1200.

Authors

License

puppet-sshguard is released under the MIT License. See the bundled LICENSE file for details.