sshutout - Daemon to Stop SSH Dictionary Attacks

Distribution: Mageia 6.0
Repository: Mageia Core i586
Package name: sshutout
Package version: 1.0.6
Package release: 9.mga6
Package architecture: i586
Package type: rpm
Installed size: 75.24 KB
Download size: 39.19 KB
Official Mirror:
This is a Linux daemon, that periodically monitors log files looking for multiple failed login attempts via the Secure Shell daemon (sshd, or optionally, sshd2). The daemon is meant to mitigate what are commonly known as "dictionary attacks," i.e. scripted brute force attacks that use lists of user ID's and passwords to effect unauthorized intrusions. Typically such attacks fill the system logs with hundreds or even thousands of log entries for the failed login attempts. Aside from the nuisance of wasted space, wasted bandwidth, and reduced signal to noise ratio in the logs, the attacks can pose a real danger to systems with weak ID and password combinations. The sshutout daemon blunts such attacks by creating firewall rules to block individual offenders from accessing the system. These rules are created when an attack signature is detected, and after a configurable expiry interval has elapsed, the rules are deleted. While sshutout can help reduce the severity and impact of dictionary attacks, it is by no means a substitute for a good password policy. A password policy is the front line of defense against intrusion and should be given careful consideration. The sshutout daemon is merely one small tool intended to help reduce log clutter and diminish the incentive to mount dictionary attacks.



  • config(sshutout) == 1.0.6-9.mga6
  • sshutout == 1.0.6-9.mga6
  • sshutout(x86-32) == 1.0.6-9.mga6


    Install Howto

    1. Enable Mageia Core repository on "Install and Remove Software"
    2. Update packages list:
      # urpmi.update -a
    3. Install sshutout rpm package:
      # urpmi sshutout


    • /etc/sshutout.conf
    • /etc/logrotate.d/sshutout
    • /etc/sysconfig/sshutout
    • /usr/lib/systemd/system/sshutout.service
    • /usr/sbin/sshutout
    • /usr/share/doc/sshutout/License
    • /usr/share/doc/sshutout/README
    • /usr/share/doc/sshutout/sshutout.html
    • /usr/share/man/man8/sshutout.8.xz
    • /var/log/sshutout.log


    2016-02-17 - umeabot <umeabot> 1.0.6-9.mga6 + Revision: 962928 - Mageia 6 Mass Rebuild

    2015-10-23 - tv <tv> 1.0.6-8.mga6 + Revision: 894638 - do not strip thus fixing debuginfo

    2014-10-15 - umeabot <umeabot> 1.0.6-7.mga5 + Revision: 749579 - Second Mageia 5 Mass Rebuild

    2014-10-13 - eatdirt <eatdirt> 1.0.6-6.mga5 + Revision: 738470 - Migration to native systemd service

    2014-09-16 - umeabot <umeabot> 1.0.6-5.mga5 + Revision: 689324 - Mageia 5 Mass Rebuild

    2013-10-20 - umeabot <umeabot> 1.0.6-4.mga4 + Revision: 536814 - Mageia 4 Mass Rebuild

    2013-09-24 - eatdirt <eatdirt> 1.0.6-3.mga4 + Revision: 485692 - Added missing BR to syslog-daemon