Menu
▾
▴
Re: [SSHGuard-users] Blacklisting attempts on root?
|
From: Kevin Z. <kev...@gm...> - 2018-10-05 16:31:25
|
On 10/4/18 5:01 PM, @lbutlr wrote: > Is it possible to confuse sshguard to instantly block anyone who tries to login as ‘root’ or ‘admin’ or some predefined list of users? There is no possibility that any legitimate connection will ever try to logon as root, admin, toor, user*, pi, guest, test, Dave, sshuser, ftpuser, and quite a few others that I see over and over again. > > Anyone who tries to ssh in as one of these accounts I just want permabanned. > > Possible? Currently, no. But it wouldn't be too hard to hack together. It'd be slightly harder to get this working nice with the rest of SSHGuard; specifically, not requiring you to recompile to enable/disable this functionality and change the list of blacklisted users. If you're comfortable compiling from source I can help you hack this together and see how well it works. -- Kevin Zheng kev...@gm... | ke...@be... | PGP: 0xC22E1090 |
