[Bug 3055] Need some high-probability logging re MaxStartups

bugzilla-daemon at mindrot.org
Fri May 15 15:26:35 AEST 2020


https://bugzilla.mindrot.org/show_bug.cgi?id=3055

Damien Miller <djm at mindrot.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |ASSIGNED
                 CC|                            |djm at mindrot.org,
                   |                            |dtucker at dtucker.net
           Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org
   Attachment #3394|                            |ok?(dtucker at dtucker.net)
              Flags|                            |

--- Comment #1 from Damien Miller <djm at mindrot.org> ---
Created attachment 3394
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3394&action=edit
better logging for MaxStartups throttling

This implements better logging of MaxStartups.

When MaxStartups is first hit, sshd will log this and the four-tuple
for the offending connection.

Add periodic logging (every 5 minutes) while in MaxStartups that
includes how long the condition has been in effect, the number of
connections dropped and the most recent offending connection.

Log when MaxStartups was exited too. This is defined by the number of
active pre-auth connections falling to two below the threshold.

Hopefully this isn't too noisy, otherwise we might need to add
time-based hysteresis for the exit case too.

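The logging behaviour described in comment #1, modelled as a small state machine. This is an added example, not the code from attachment 3394: the single `threshold` field, the function and event names and the message wording are assumptions, and the addresses are constructed.

```c
#include <stdio.h>
#include <time.h>
#define LOG_INTERVAL (5 * 60) /* periodic log every 5 minutes, per the comment */
#define EXIT_MARGIN  2        /* exit at two below the threshold, per the comment */
enum ev { EV_NONE, EV_ENTER, EV_PERIODIC, EV_EXIT };
struct throttle {            /* hypothetical state, not sshd's own */
    int threshold;           /* assumed single pre-auth connection limit */
    int active;              /* nonzero while throttling */
    time_t since, last_log;  /* entry time, time of the last log line */
    unsigned dropped;        /* drops in the current episode */
};

/* Call for every connection dropped because of MaxStartups. */
enum ev throttle_drop(struct throttle *t, time_t now, const char *tuple)
{
    if (!t->active) {        /* first hit: log it with the four-tuple */
        t->active = 1;
        t->since = t->last_log = now;
        t->dropped = 1;
        printf("MaxStartups throttling started, dropped %s\n", tuple);
        return EV_ENTER;
    }
    t->dropped++;
    if (now - t->last_log < LOG_INTERVAL)
        return EV_NONE;      /* stay quiet between periodic reports */
    t->last_log = now;
    printf("throttling for %lds, %u dropped, most recent %s\n",
        (long)(now - t->since), t->dropped, tuple);
    return EV_PERIODIC;
}

/* Call whenever the number of active pre-auth connections changes. */
enum ev throttle_update(struct throttle *t, time_t now, int preauth)
{
    if (!t->active || preauth > t->threshold - EXIT_MARGIN)
        return EV_NONE;      /* the margin stops enter/exit flapping */
    t->active = 0;
    printf("throttling ended after %lds, %u dropped\n",
        (long)(now - t->since), t->dropped);
    return EV_EXIT;
}

int main(void)
{
    struct throttle t = { .threshold = 10 };
    const char *c = "[192.0.2.10]:50514 on [198.51.100.5]:22"; /* constructed */
    throttle_drop(&t, 0, c); throttle_drop(&t, 300, c);
    return throttle_update(&t, 310, 8) == EV_EXIT ? 0 : 1;
}
```

For monitoring, the first-hit and exit events bracket one throttling episode, so alerting on the pair is enough without counting individual drops.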