Package: sshguard
Version: 2.3.1-1
Severity: grave
Tags: security
Justification: renders package unusable

Dear Maintainer,

sshguard blocks the remote ssh client at the 1st mistake regardless of the
THRESHOLD option value.

OS: Debian Linux 10.9
SSH server: openssh-server 1:7.9p1-10+deb10
sshguard version: 2.3.1-1

Changing the 'THRESHOLD' option in the /etc/sshguard/sshguard.conf file has no
effect on sshguard's behavior! It always blocks the ssh client after the 1st
mistake! (bad userid, bad password, ...)

It seems that the issue is due to a misconfiguration in Debian
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=928525),
or is caused by some bug in upstream that is claimed to be fixed in newer
versions
(https://bitbucket.org/sshguard/sshguard/issues/140/sshguard-blocks-the-remote-client-at-1st).

-- System Information:
Debian Release: 10.9
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-16-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages sshguard depends on:
ii  libc6     2.28-10
ii  lsb-base  10.2019051400

Versions of packages sshguard recommends:
ii  nftables  0.9.0-2

sshguard suggests no packages.

-- no debconf information
