Feature #9165

open

only IPs can be added to sshguard whitelist

Added by Stefan Beckers almost 3 years ago. Updated over 1 year ago.

Status: New
Priority: Normal
Category: Authentication
Target version: -
Start date: 12/04/2018
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:

Description

The new sshguard list feature (see #8864) only allows addition of IP addresses. I do have the need to include DNS names, because some of the sources do change IP address over a short period of time.

sshguard itself does process DNS names in the whitelist, by just adding them to the file.

Actions #1

Updated by Jim Pingle over 2 years ago

  • Category set to Authentication

Actions #2

Updated by Viktor Gurov over 1 year ago

Stefan Beckers wrote:

The new sshguard list feature (see #8864) only allows addition of IP addresses. I do have the need to include DNS names, because some of the sources do change IP address over a short period of time.

https://web.archive.org/web/20180902011957/https://www.sshguard.net/docs/whitelist/:

When hosts resolve to multiple addresses, all of them are whitelisted. 
Hosts are resolved to addresses once, when sshguard starts up.

Thus, this does not help in cases where sources change the IP address for a short period of time.

Actions #3

Updated by Stefan Beckers over 1 year ago

Semi-correct for me, as a restart of sshguard or a reboot will fix the situation without deeper knowledge of the "issue". So in reality, it will "ease" fixing the issue, as even uneducated staff are able to default to the reboot method. And the more educated admin just has to restart sshguard without editing IP lists.

You are definitely right that this will not improve the situation for dynamic DNS on lines that change their IP on a daily basis, or so. In that respect, my text was misleading.
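The behaviour discussed in this thread (whitelisted hostnames are resolved once, when sshguard starts) can be monitored with a small drift check. This is an added example, not part of the ticket and not pfSense or sshguard code; it assumes a whitelist file with one entry per line and `#` comments, and all function names are hypothetical.

```python
import ipaddress
import socket

def parse_whitelist(text):
    """Split whitelist entries into literal addresses/CIDR blocks and hostnames."""
    literals, hostnames = [], []
    for raw in text.splitlines():
        entry = raw.split("#", 1)[0].strip()  # assumed '#' comment syntax
        if not entry:
            continue
        try:
            ipaddress.ip_network(entry, strict=False)  # IPv4/IPv6 address or block
            literals.append(entry)
        except ValueError:
            hostnames.append(entry)  # anything else is treated as a DNS name
    return literals, hostnames

def system_resolver(host):
    """Return every address the host currently resolves to (empty set on failure)."""
    try:
        return frozenset(info[4][0] for info in socket.getaddrinfo(host, None))
    except socket.gaierror:
        return frozenset()

def snapshot(hostnames, resolver=system_resolver):
    """Record what each hostname resolves to, e.g. right after the daemon starts."""
    return {host: resolver(host) for host in hostnames}

def drift(startup, resolver=system_resolver):
    """Compare the startup snapshot with current DNS answers.

    'unlisted': addresses the host uses now that were not whitelisted at startup.
    'leftover': addresses still whitelisted although the host no longer uses them.
    """
    report = {}
    for host, old in startup.items():
        new = resolver(host)
        if new != old:
            report[host] = {"unlisted": new - old, "leftover": old - new}
    return report

if __name__ == "__main__":
    # Constructed sample whitelist; addresses are documentation ranges.
    sample = "# constructed\n192.0.2.10\n198.51.100.0/24\nhome.example.net  # dynamic\n"
    _, hosts = parse_whitelist(sample)
    at_start = snapshot(hosts, lambda h: frozenset({"203.0.113.5"}))
    print(drift(at_start, lambda h: frozenset({"203.0.113.77"})))
```

A non-empty report means the running whitelist no longer matches DNS and a restart is needed to refresh it; the `leftover` set is the security-relevant half, since those addresses stay exempt from blocking until then.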
