[Sshguard-users] sshguard on OpenBSD

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi,

I am using sshguard on OpenBSD 4.1 with pf. It does not work
using the setup from the documentation, because syslogd is
not running as root but _syslogd on OpenBSD, which results
in sshguard being executed as _syslogd lacking the privileges
required to add new addresses to the sshguard table. I solved
the problem by allowing _syslogd to execute sshguard as root
through sudo and adjusted the syslog.conf appropriately. Maybe
you should point this out in the documentation, since the log
just says
sshguard[28812]: Blocking command failed. Exited: -1
sshguard[28812]: Release command failed. Exited: -1
which isn't particularly helpful.

Also, you may want to consider calling pfctl with -q since
otherwise it operates pretty verbosely. I don't know if these
messages appear in some log, otherwise it doesn't really
matter.

-Mike

[Sshguard-users] sshguard on OpenBSD

Intelligently block brute-force attacks by aggregating system logs

[Sshguard-users] sshguard on OpenBSD