factory-default/net-misc/openssh: restrict MaxAuthTries and MaxSessions

author: Bertrand Jacquin <bertrand@jacquin.bzh> 2019-09-28 22:48:29 +0100
committer: Bertrand Jacquin <bertrand@jacquin.bzh> 2019-09-28 22:48:29 +0100
commit: c3786e22a0aaf137102daaeda1ab6ea015dac9eb (patch)
tree: 860ef15c2bcb5bd22a44a70f858fb0d70cfab327 /factory-default
parent: factory-default/net-misc/openssh: restrict AuthorizedKeysFile (diff)
download: portage-c3786e22a0aaf137102daaeda1ab6ea015dac9eb.tar.xz
1 files changed, 7 insertions, 0 deletions
diff --git a/factory-default/net-misc/openssh/etc/ssh/sshd_config b/factory-default/net-misc/openssh/etc/ssh/sshd_config
index b1b8f373..b1b858c2 100644
--- a/factory-default/net-misc/openssh/etc/ssh/sshd_config
+++ b/factory-default/net-misc/openssh/etc/ssh/sshd_config
@@ -79,6 +79,13 @@ PermitUserEnvironment no
 # Send TCP keepalive messages to the other side
 TCPKeepAlive yes
 
+# Maximum number of authentication attempts permitted per connection
+MaxAuthTries 3
+
+# Maximum number of open shell, login or subsystem (e.g. sftp) sessions
+# permitted per network connection
+MaxSessions 2
+
 # Send a message through the encrypted channel to request a response
 # from the client
 ClientAliveInterval 15
author	Bertrand Jacquin <bertrand@jacquin.bzh>	2019-09-28 22:48:29 +0100
committer	Bertrand Jacquin <bertrand@jacquin.bzh>	2019-09-28 22:48:29 +0100
commit	c3786e22a0aaf137102daaeda1ab6ea015dac9eb (patch)
tree	860ef15c2bcb5bd22a44a70f858fb0d70cfab327 /factory-default
parent	factory-default/net-misc/openssh: restrict AuthorizedKeysFile (diff)
download	portage-c3786e22a0aaf137102daaeda1ab6ea015dac9eb.tar.xz