[SSHGuard-users] getting sshguard to work on macOS Big Sur

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

I noticed that sshguard was not working for me on recent versions of macOS because the necessary information from sshd wasn’t getting reported by the log stream. I dug into it a little bit and found the following to work (from https://superuser.com/questions/1565891/how-to-get-ssh-logs-and-send-to-remote-syslog-server-in-macos <https://superuser.com/questions/1565891/how-to-get-ssh-logs-and-send-to-remote-syslog-server-in-macos>):

LOGREADER="/usr/bin/log stream --process sshd --info --style syslog --predicate \"messageType = 'info'\""

Also, pfctl is no longer enabled on startup by default. The easiest way to get it enabled persistently without trying to mess with SIP protected files is to enable “stealth mode” in the system firewall (https://stackoverflow.com/questions/51017493/how-to-enable-pfctl-on-boot-time-on-mac-os <https://stackoverflow.com/questions/51017493/how-to-enable-pfctl-on-boot-time-on-mac-os>).

[SSHGuard-users] getting sshguard to work on macOS Big Sur

Intelligently block brute-force attacks by aggregating system logs

[SSHGuard-users] getting sshguard to work on macOS Big Sur