macOS
brew install sshguardlocal Homebrew formula metadata
sudo port install sshguardMacPorts ports tree · net/sshguard/Portfile · source: api.github.com
brew
Protect from brute force attacks against SSH. Version 2.5.1 via Homebrew; verified from local package data.
install
brew install sshguardlocal Homebrew formula metadata
sudo port install sshguardMacPorts ports tree · net/sshguard/Portfile · source: api.github.com
sudo apk add sshguardAlpine Linux edge package indexes · sshguard · source: dl-cdn.alpinelinux.org
sudo apt install sshguardDebian stable package indexes · sshguard · source: deb.debian.org
sudo dnf install sshguardFedora Rawhide package metadata · sshguard · source: dl.fedoraproject.org
nix profile install nixpkgs#sshguardnixpkgs package indexes · pkgs/by-name/ss/sshguard/package.nix · source: api.github.com
sudo pacman -S sshguardArch Linux sync databases · sshguard · source: geo.mirror.pkgbuild.com
sudo zypper install sshguardopenSUSE Tumbleweed package metadata · sshguard · source: download.opensuse.org
overview
Protect from brute force attacks against SSH
history
SSHGuard is a small intrusion-prevention utility that watches system logs for brute-force attacks and blocks repeat offenders through a firewall backend. It became package-manager material because it gives Unix administrators a lightweight alternative to heavier log-monitoring stacks.
The official manual and README describe SSHGuard as a tool that aggregates logs and blocks attackers using backends such as pf, ipfw, firewalld, iptables, ipset, nftables, IPFILTER, and hosts.allow. The manual copyright dates begin in 2007, and the current manual version is 2.5.1.
SSHGuard's official site emphasizes portability and small size, describing it as small C and Bourne shell code with support for many log sources and firewall systems. The input package-manager facts show it available across Homebrew, Debian, Ubuntu, Fedora, Arch, Alpine, Nix, MacPorts, and openSUSE ecosystems.
Operators configure `sshguard.conf`, choose a backend, and feed SSHGuard logs through files, syslog-style services, systemd journal, or macOS log streaming. Attackers are blocked after their score exceeds a threshold and can be temporarily blocked, permanently blacklisted, or whitelisted through explicit addresses or a whitelist file.
Package nerds care because SSHGuard is pure Unix plumbing: logs in, firewall commands out, minimal daemon surface. It is a good example of security tooling whose packaging value lies in service files, default config paths, backend selection, and integration with each operating system's logging and firewall conventions.
security posture
broad file, network, media, or database tool signal. formula declares a Homebrew service.
orange risk · medium confidence · infrastructure
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
%PREFIX%/etc/sshguard.confexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
sshguard | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
install metadata
| Package key | brew:sshguard |
|---|---|
| Version | 2.5.1 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/sshguard |
| Homepage | https://www.sshguard.net/ |
| Repository | https://bitbucket.org/sshguard/sshguard |
| Upstream docs | https://bitbucket.org/sshguard/sshguard/raw/master/README.rst |
| License | ISC |
| Source archive | https://downloads.sourceforge.net/project/sshguard/sshguard/2.5.1/sshguard-2.5.1.tar.gz |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | declared |
| Caveats | Add the following lines to /etc/pf.conf to block entries in the sshguard table (replace $ext_if with your WAN interface): table <sshguard> persist block in quick on $ext_if proto tcp from <sshguard> to any port 22 label "ssh bruteforce" Then run sudo pfctl -f /etc/pf.conf to reload the rules. |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | sshguard |
| Version Scheme | 1 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
sshguard 2.4.3-1
Protects from brute force attacks against ssh
https://sshguard.sourceforge.net
sudo apt install sshguardsshguard
nix profile install nixpkgs#sshguardsshguard 2.4.2-1
Protects from brute force attacks against ssh
http://sshguard.sourceforge.net
sudo apt install sshguardsshguard 2.5.1-r0
Protects hosts from brute-force attacks against SSH and other services
sudo apk add sshguardsshguard-doc 2.5.1-r0
Protects hosts from brute-force attacks against SSH and other services (documentation)
sudo apk add sshguard-docsshguard-openrc 2.5.1-r0
Protects hosts from brute-force attacks against SSH and other services (OpenRC init scripts)
sudo apk add sshguard-openrcsshguard 2.5.1-3.fc44
Protects hosts from brute-force attacks against SSH and other services
sudo dnf install sshguardsshguard-firewalld 2.5.1-3.fc44
Configuration for firewalld backend of SSHGuard
sudo dnf install sshguard-firewalldsshguard-iptables 2.5.1-3.fc44
Configuration for iptables backend of SSHGuard
sudo dnf install sshguard-iptablessshguard-nftables 2.5.1-3.fc44
Configuration for nftables backend of SSHGuard
sudo dnf install sshguard-nftablessshguard 2.5.1-1
Brute force detector for SSH, Exim, VSFTPD and more. Blocks by ip with iptables
sudo pacman -S sshguardsshguard 2.4.3-2.3
SSH brute force attack protector
sudo zypper install sshguardsshguard
sudo port install sshguardsource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.