lcts / sshguard


SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using one of several firewall backends.

SSHGuard can read log messages from standard input or monitor one or more log files. Log messages are parsed, line-by-line, for recognized patterns. If an attack, such as several login failures within a few seconds, is detected, the offending IP is blocked. Offenders are unblocked after a set interval, but can be semi-permanently banned using the blacklist option.

More information can be found on the project website.

Note: This is not an official package. I am not affiliated with the sshguard developers.

Installation Instructions

This package currently does not come preconfigured for the Fedora environment. You will have to edit the configuration file yourself to set the correct logreader and firewall backend. Typically, this will involve copying the provided example configuration file to /etc

$ cp /usr/share/doc/sshguard/sshguard.conf.example /etc/sshguard.conf

and setting the BACKEND and LOGREADER configuration variables

$ cat /etc/sshguard.conf <snip> BACKEND="/usr/local/libexec/sshg-fw-firewalld" LOGREADER="LANG=C /usr/bin/journalctl -afb -p info -n1 -o cat SYSLOG_IDENTIFIER=sshd" <snip>

Afterwards, the sshguard service can be enabled & started with

$ systemctl enable --now sshguard.service

Please refer to the setup documentation for details.

Future versions will most likely come preconfigured for journald and firewalld.

Active Releases

The following unofficial repositories are provided as-is by owner of this project. Contact the owner directly for bugs or issues (IE: not bugzilla).

Release Architectures Repo Download
Fedora 27 i386 (0)*, ppc64le (0)*, x86_64 (0)* Fedora 27 (2 downloads)
Fedora 28 i386 (0)*, ppc64le (0)*, x86_64 (0)* Fedora 28 (3 downloads)
Fedora 29 i386 (0)*, ppc64le (0)*, x86_64 (0)* Fedora 29 (2 downloads)
Fedora rawhide i386 (0)*, ppc64le (0)*, x86_64 (0)* Fedora rawhide (2 downloads)

* Total number of packages downloaded in the last seven days.

Last Build

No builds...

Quick Enable

dnf copr enable lcts/sshguard
More info about enabling Copr repositories

Other Actions