Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Guide to the Secure Configuration of OpenEmbedded
Services
SSH Server
Configure OpenSSH Server if Necessary
Ensure SSH MaxStartups is configured
Ensure SSH MaxStartups is configured
An XCCDF Rule
Details
Profiles
Prose
Ensure SSH MaxStartups is configured
Medium Severity
The MaxStartups parameter specifies the maximum number of concurrent unauthenticated connections to the SSH daemon. Additional connections will be dropped until authentication succeeds or the LoginGraceTime expires for a connection. To confgure MaxStartups, you should add or correct the following line in the
/etc/ssh/sshd_config
file:
MaxStartups
CIS recommends a MaxStartups value of '10:30:60', or more restrictive where dictated by site policy.