Restrict SSH connections
Jakub Jelen
jjelen at redhat.com
Wed Feb 26 18:50:33 AEDT 2020
On Tue, 2020-02-25 at 11:44 +0100, mlrx wrote:
> Le 25/02/2020 à 10:56, Amit Prajapati a écrit :
> > Hi,
> >
> > Is there a way to restrict the number of active SSH client
> > connections to
> > an sshd server.
> >
> > Thanks & Regards,
> > Amit
>
> Hi,
>
> (Not a specialist but I make a try. It seems to be a good way to
> learn.)
>
> It seems to be only possible on the server configuration.
>
> Clever or not, maybe use some conditional parameters in
> sshd_config ?
> Something like:
>
> Match Group adminA
> MaxSessions 8
> Match Group adminB
> MaxSessions 4
> Match User UserA
> MaxSessions 1
> Match User UserB
> MaxSessions 2
This does not limit connections, but only multiplexed sessions inside a
single connection.
To limit amount of shells, you can use pam_limits [1], but it does not
catch non-shell connections such as sftp, port forwarding, jumps to
other servers and so on. For that, you need to use something home-
cooked or some non-standard tool.
https://serverfault.com/a/245348/186199
Regards,
--
Jakub Jelen
Senior Software Engineer
Security Technologies
Red Hat, Inc.
More information about the openssh-unix-dev
mailing list