MaxStartups and unauthenticated sessions

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Can some one please explain how config option MaxStartup is used. If you
read the documentation, it says this controls the max unauthenticated
session allowed at a time but looking at the code in sshd.c file, startup
pipes are closed just after the fork and before authentication. So it only
controls startup connections and not really the unauthenticated sessions. I
see in my system I can have more than MaxStartup unauthenticated sessions.

Also is it possible to limit the total number of current sessions at at time
(both authenticated and unauthenticated)?

Thanks for your help.


Re: MaxStartups and unauthenticated sessions

Quoted text here. Click to load it

I think it is using "unauthenticated" to mean the TCP session prior to
the SSH authentication exchange.  I'm guessing that you mean an active
SSH session of some sort (but with a different level of authentication).
Is that correct?

Quoted text here. Click to load it

What do you mean by unauthenticated?  All sessions should have passed
some level of authentication.

I don't think openssh makes it easy to do session limits like you're
looking for.  I usually prefer to do per-user limits at the OS level,
but that's not always easy.


Site Timeline