From: Kevin Z. <kev...@gm...> - 2021-06-16 02:16:11
Hi Jin,

On 6/15/21 11:31 AM, Jin Choi wrote:
> I noticed that sshguard was not working for me on recent versions of
> macOS because the necessary information from sshd wasn’t getting
> reported by the log stream. I dug into it a little bit and found the
> following to work (from
> https://superuser.com/questions/1565891/how-to-get-ssh-logs-and-send-to-remote-syslog-server-in-macos):
>
> LOGREADER="/usr/bin/log stream --process sshd --info --style syslog --predicate \"messageType = 'info'\""

Thanks for reporting this. Do you know if this new syntax is
backwards-compatible with older versions like Catalina?

> Also, pfctl is no longer enabled on startup by default. The easiest way
> to get it enabled persistently without trying to mess with SIP protected
> files is to enable “stealth mode” in the system firewall
> (https://stackoverflow.com/questions/51017493/how-to-enable-pfctl-on-boot-time-on-mac-os).

This would be good to add to the sshguard-setup(7) man page.