1 |
diff -up openssh-5.9p1/servconf.c.max-startups openssh-5.9p1/servconf.c |
2 |
--- openssh-5.9p1/servconf.c.max-startups 2013-02-08 15:59:09.785709477 +0100 |
3 |
+++ openssh-5.9p1/servconf.c 2013-02-08 15:59:09.792709448 +0100 |
4 |
@@ -265,11 +265,11 @@ fill_default_server_options(ServerOption |
5 |
if (options->gateway_ports == -1) |
6 |
options->gateway_ports = 0; |
7 |
if (options->max_startups == -1) |
8 |
- options->max_startups = 10; |
9 |
+ options->max_startups = 100; |
10 |
if (options->max_startups_rate == -1) |
11 |
- options->max_startups_rate = 100; /* 100% */ |
12 |
+ options->max_startups_rate = 30; /* 30% */ |
13 |
if (options->max_startups_begin == -1) |
14 |
- options->max_startups_begin = options->max_startups; |
15 |
+ options->max_startups_begin = 10; |
16 |
if (options->max_authtries == -1) |
17 |
options->max_authtries = DEFAULT_AUTH_FAIL_MAX; |
18 |
if (options->max_sessions == -1) |
19 |
diff -up openssh-5.9p1/sshd_config.5.max-startups openssh-5.9p1/sshd_config.5 |
20 |
--- openssh-5.9p1/sshd_config.5.max-startups 2013-02-08 15:59:09.786709473 +0100 |
21 |
+++ openssh-5.9p1/sshd_config.5 2013-02-08 15:59:09.793709444 +0100 |
22 |
@@ -796,7 +796,7 @@ SSH daemon. |
23 |
Additional connections will be dropped until authentication succeeds or the |
24 |
.Cm LoginGraceTime |
25 |
expires for a connection. |
26 |
-The default is 10. |
27 |
+The default is 10:30:100. |
28 |
.Pp |
29 |
Alternatively, random early drop can be enabled by specifying |
30 |
the three colon separated values |
31 |
diff -up openssh-5.9p1/sshd_config.max-startups openssh-5.9p1/sshd_config |
32 |
--- openssh-5.9p1/sshd_config.max-startups 2013-02-08 15:59:09.000000000 +0100 |
33 |
+++ openssh-5.9p1/sshd_config 2013-02-08 16:00:03.784485797 +0100 |
34 |
@@ -120,7 +120,7 @@ X11Forwarding yes |
35 |
#ShowPatchLevel no |
36 |
#UseDNS yes |
37 |
#PidFile /var/run/sshd.pid |
38 |
-#MaxStartups 10 |
39 |
+#MaxStartups 10:30:100 |
40 |
#PermitTunnel no |
41 |
#ChrootDirectory none |
42 |
|