Set SSH authentication attempt limit

An XCCDF Rule

Details
Profiles
Prose

Description

The MaxAuthTries parameter specifies the maximum number of authentication attempts permitted per connection. Once the number of failures reaches half this value, additional failures are logged. to set MaxAUthTries edit /etc/ssh/sshd_config as follows:

MaxAuthTries

Rationale

Setting the MaxAuthTries parameter to a low number will minimize the risk of successful brute force attacks to the SSH server.

ID: xccdf_org.ssgproject.content_rule_sshd_set_max_auth_tries
Severity: Medium
References: 0421 0422 0431 0974 1173 1401 1504 1505 1546 1557 1558 1559 1560 1561

2.2.6
Updated: about 1 year ago