Results 1 to 2 of 2
  1. #1

    MaxStartups (OpenSSH)

    I'm not sure if I have understood this option. As far as I know it means that by default only 10 unauthenticated connections are allowed. So I wonder that if some is using a brute force soft with proxies they can easily overload this limit and this way disallow me to connect to the ssh so I could not login to my own server?

  2. #2
    Join Date
    Apr 2005
    Location
    Cochin
    Posts
    2,446
    MaxStartups is limiting max number of concurrent unauthenticated connections, therefore attacker won't b able to run more than 5 parallel sessions against your server.

    For eg :
    MaxStartups 3:50:10

    The colon separated values tells the ssh server to, "allow 3 users to attempt logging in at the same time, and to randomly and increasingly drop connection attempts between 3 and the maximum of 10"

    Other solutions to secure your sshd are

    1. Run it on a non standard port

    2. "port-knocking", make a connection to another port (or ports) before trying sshd.

    3. Ssh key login
    Sam
    Supportlobby.com - Expertise in Windows/Linux server support, IaaS and PaaS Management
    Spiralbean.com - Custom Software Development
    Email: exec @ activelobby.net | Skype: unni_active

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •