Menu
▾
▴
Re: [Sshguard-users] sshguard not working on OS X Yosemite
|
From: Mark F. <fe...@Fr...> - 2015-03-12 16:41:52
|
On Thu, Mar 12, 2015, at 10:25, Mike Laster wrote: > I have the latest source built (including the post 1.5 patch for the > "via" > problem. Checked out from bcf98c7e4c24. It appears that sshguard is > parsing properly since when I repeatedly fail to login via ssh from > another > machine: > > 3/12/15 8:23:49.238 AM sshd[43878]: error: PAM: authentication error for > root from 192.168.1.146 via 192.168.1.10 > 3/12/15 8:23:49.801 AM sshd[43878]: error: PAM: authentication error for > root from 192.168.1.146 via 192.168.1.10 > 3/12/15 8:23:50.206 AM sshd[43878]: error: PAM: authentication error for > root from 192.168.1.146 via 192.168.1.10 > > and it seems to add it to pf: > > > sudo pfctl -T show -t sshguard > No ALTQ support in kernel > ALTQ related functions disabled > 192.168.1.146 > > However, my ssh sessions are not actually being blocked. I can keep > hitting ssh all day from 192.168.1.146 and no blocking seems to be going > on. > > Is there something else I need to do to enable actual blocking? > What is the output of pfctl -s rules So we can see what rules are loaded. I suspect there's no actual block rule for the sshguard table. |
