Use-cases for PerSourceMaxStartups and PerSourceNetBlockSize
Phil Pennock
phil.pennock at globnix.org
Sat Mar 20 02:25:40 AEDT 2021
On 2021-03-19 at 13:06 +0200, Lars Noodén wrote:
> I notice PerSourceMaxStartups and PerSourceNetBlockSize in 8.5
> supplementing MaxStartups. What kind of use-cases were in mind for
> PerSourceMaxStartups and PerSourceNetBlockSize? I've only seen
> distributed attacks in recent years so they must have some other
> intention.
As a feature request: if there were a way to remove the "whichever is
lower" behavior combining PerSourceMaxStartups with MaxStartups, then I
would be using PerSourceMaxStartups now ^W next time I'm working in an
office.
"The office with all the developers behind a /29, all opening SSH
connections to a git server? Give that /29 MUCH higher limits. The
rest of the world? Not so much."
-Phil
More information about the openssh-unix-dev
mailing list