31 lines
656 B
Markdown
31 lines
656 B
Markdown
# Install SSH Guard
|
|
|
|
Do the Installs
|
|
|
|
```
|
|
apt-get install syslog-ng
|
|
apt-get install sshguard
|
|
```
|
|
|
|
Create the Start-Up
|
|
|
|
```
|
|
cat > /etc/syslog-ng/conf.d/00load-sshguard.conf
|
|
# pass only entries with auth+authpriv facilities from programs other
|
|
# than sshguard
|
|
filter f_sshguard { facility(auth, authpriv) and not program("sshguard"); };
|
|
# pass entries built with this format
|
|
destination sshguard {
|
|
program("/usr/sbin/sshguard"
|
|
template("$DATE $FULLHOST $MSGHDR$MESSAGE\n")
|
|
);
|
|
};
|
|
log { source(s_src); filter(f_sshguard); destination(sshguard); };
|
|
```
|
|
|
|
Restart Logging and SSH Guard
|
|
|
|
```
|
|
service syslog-ng restart
|
|
service sshguard restart
|
|
```
|