[ssh_x509] Is it possible to limit maximum number of clients?

ssh_x509 at roumenpetrov.info ssh_x509 at roumenpetrov.info
Fri Apr 24 14:41:02 EEST 2020


C2 - PSA Sensitive

I am trying to limit the number of total OpenSSH connections to our Unix systems.

At first, I have tried modifying OpenSSH configuration with `MaxSessions` and `MaxStartups` options but with no success. They are ignored (maybe I don't really understand what this options are intended to).

Using PAM limits in `/etc/security/limits.conf` I have succeed with `maxsyslogins` directive:

```
# limit connections to the system to 10
*    -    maxsyslogins    10
```

It works, but we are limiting all kind of logins to the system, and using a third party solution to apply limitations to OpenSSH. By example, we have different kind of Unix (HP-UX, Solaris, Linux, AIX) and in not every server we are using PAM for authentication.

I mean, does it exists a simpler and more direct way to do it? Something similar to Apache `MaxClients` directive? 

I don't find it and it's very strange for me that OpenSSH/PKIX-SSH does not have this possibility :-|.


---
José Manuel Ciges Regueiro
Unix Systems Administrator & LAMP developer

Tel: +34 608 57.05.06
Skype:  jmciges
Email:  jmanuel at ciges.net




More information about the ssh_x509 mailing list