Limit number of connections per user?
Goran Hasse
gorhas at gmail.com
Fri Apr 16 14:23:56 EST 2010
There is also a problem of how to define a user. Is it the login name
or is it the process UID that should be used?
The /etc/passwd file sometimes looks like:
# $FreeBSD: src/etc/master.passwd,v 1.25.2.6 2002/06/30 17:57:17 des Exp $
#
root:*:0:0:Charlie &:/root:/bin/csh
ketoroot:*:0:0:Charlie &:/root:/bin/csh
nvtroot:*:0:0:Charlie &:/root:/bin/csh
oskarroot:*:0:0:Charlie &:/root:/bin/csh
toor:*:0:0:Bourne-again Superuser:/root:
GH
2010/4/16 Damien Miller <djm at mindrot.org>:
> On Thu, 15 Apr 2010, Scott Neugroschl wrote:
>
>> I'm working from modified 5.0p1 codebase.
>>
>> What I'm looking for is a mechanism to limit the number of
>> simultaneous connections on a per-user/IP basis. That is, disallow
>> multiple simultaneous logins/authentication of the same user from
>> different IP addresses.
>
> There isn't any way to do this at present and adding the ability would
> be a little tricky. The master server would need to maintain some state
> for each connection that is active so it can apply the rules.
>
> I have vague plans to get the listening server maintaining similar state
> for another reason (to track and act on frequent abnormal terminations),
> so the infrastructure might happen eventually.
>
> -d
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>
--
gorhas at gmail.com
Mob: 070-5530148
More information about the openssh-unix-dev
mailing list