SSHGuard 2.0.0 has been released, and here are the highlights:

Added

• Add firewalld backend
• Add ipset backend
• Annotate logs using -a flag to sshg-parser
• Match “no matching cipher” for SSH
• Preliminary support for Capsicum and pledge()
• Resurrect ipfilter backend
• Support reading from os_log on macOS 10.12 and systemd journal

Changed

• Add warning when reading from standard input
• Build and install all backends by default
• Improve log messages and tweak logging priorities
• Runtime flags now configurable in the configuration file
• SSHGuard requires a configuration file to start

Removed

• Remove process validation (-f option)

Fixed

• Fix ipfw backend on FreeBSD 11
• Fix initial block time
• Update Dovecot pattern for macOS
• Use standard score for Sendmail auth attack

You can get the latest release of SSHGuard from Sourceforge, and learn more on the SSHGuard website.

There has been a lot of changes to how SSHGuard is configured in this release. Most notable, piped commands and runtime flags should be moved from the init script to the permanent configuration file. The release contains example configurations for systemd and the journal on Linux, launchd and os_log on macOS, as well as a fully documented sshguard.conf in examples/.

Maintainers and distributors should make sure they update their distribution-specific configurations accordingly.