[Sshguard-users] Username Blacklisting

[Laurence P. (OE) <lpe...@op...>]

While we're discussing potential new features, I've noticed that nearly
all attackers hit the same list of default usernames (root, pi, ubuntu,
etc.)  It would be useful to be able to specify a list of usernames that
result in an immediate block without waiting for the login to fail.
(Processing the login attempt uses a not-insignificant amount of CPU on
low-end machines like a Raspberry Pi.  Blocking the connection
immediately would save quite a bit.)

LMP