/
SSHguard is the fail2ban in the OpenBSD world
SSHguard is the fail2ban in the OpenBSD world
- Former user (Deleted)
Owned by Former user (Deleted)
sshguard
On Linux hosts I use Fail2ban, but for OpenBSD, I use sshguard due to limitations regarding the compatibility. sshguard will at least slow down those password brute-force attempts, which appear too often from one single IPv4 or IPv6 endpoint.
Now, obviously we should be able to limit SSH access to important systems by enforcing key-based authentication and / or Multi-Factor Authentication (MFA) based on TOTP (Time-based OneTime Pad) for example. MFA authentication for OpenSSH on OpenBSD doesn’t seem to be a viable option today, though.
fail2ban
, multiple selections available,
Related content
OpenSSH ciphers the bruteforce bots don't know
OpenSSH ciphers the bruteforce bots don't know
More like this
OpenBSD usage journal
OpenBSD usage journal
More like this
Rsyslog instead syslogd on OpenBSD
Rsyslog instead syslogd on OpenBSD
More like this
Getting fitting SSHFP DNS records from OpenSSH server keys
Getting fitting SSHFP DNS records from OpenSSH server keys
More like this
Manual update of bsd.rd
Manual update of bsd.rd
More like this
Dependabot
Dependabot
More like this