SSHguard is the fail2ban in the OpenBSD world
sshguard
On Linux hosts I use Fail2ban, but on OpenBSD I use sshguard due to compatibility limitations. sshguard will at least slow down those password brute-force attempts, which arrive too often from a single IPv4 or IPv6 endpoint.
Now, obviously we should be able to limit SSH access to important systems by enforcing key-based authentication and/or Multi-Factor Authentication (MFA) based on TOTP (Time-based One-Time Password), for example. MFA for OpenSSH on OpenBSD doesn’t seem to be a viable option today, though.
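To make the idea of "too many failed passwords from a single endpoint" concrete, here is an added example (not sshguard's code or its scoring algorithm, and not from the original post) that counts failed password attempts per source address within a sliding window. The log lines are constructed, and the function name, threshold and window are assumptions chosen for illustration.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of OpenSSH auth log lines (documentation address ranges).
SAMPLE_LOG = """\
Mar  3 10:00:01 gw sshd[101]: Failed password for root from 192.0.2.10 port 40001 ssh2
Mar  3 10:00:05 gw sshd[102]: Failed password for invalid user admin from 192.0.2.10 port 40002 ssh2
Mar  3 10:00:09 gw sshd[103]: Failed password for root from 192.0.2.10 port 40003 ssh2
Mar  3 10:01:00 gw sshd[104]: Accepted publickey for alice from 198.51.100.7 port 50000 ssh2
Mar  3 10:02:00 gw sshd[105]: Failed password for root from 2001:db8::1 port 40100 ssh2
Mar  3 10:02:30 gw sshd[106]: Failed password for root from 2001:DB8:0:0:0:0:0:1 port 40101 ssh2
Mar  3 10:03:00 gw sshd[107]: Failed password for root from 2001:db8::1 port 40102 ssh2
Mar  3 10:04:00 gw sshd[108]: Failed password for bob from 203.0.113.5 port 40200 ssh2
Mar  3 10:20:00 gw sshd[109]: Failed password for bob from 203.0.113.5 port 40201 ssh2
"""

FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?\S+ from (?P<src>\S+) port \d+"
)


def find_offenders(log_text, threshold=3, window=timedelta(minutes=5), year=2024):
    """Return {source address: time it reached `threshold` failures in `window`}."""
    recent = defaultdict(deque)  # per-source timestamps still inside the window
    offenders = {}
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue
        try:
            # Parsing normalises the address, so one IPv6 endpoint written in
            # different text forms is still counted as a single source.
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        hits = recent[src]
        hits.append(ts)
        while ts - hits[0] > window:  # drop failures older than the window
            hits.popleft()
        if len(hits) >= threshold and src not in offenders:
            offenders[src] = ts
    return {str(a): t for a, t in offenders.items()}


if __name__ == "__main__":
    print(find_offenders(SAMPLE_LOG))
```

Syslog timestamps carry no year, so the `year` parameter is supplied by the caller; the two slow failures from 203.0.113.5 stay below the threshold because they fall outside one window.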
fail2ban