Make MaxAuthTries configurable

This commit is contained in:
Sebastian Gumprich 2015-08-06 14:20:32 +00:00
parent 3a79dab5d8
commit 2bc353b7a9
2 changed files with 4 additions and 1 deletions

View file

@ -29,6 +29,9 @@ ssh_listen_to: ['0.0.0.0'] # sshd
# Host keys to look for when starting sshd.
ssh_host_key_files: ['/etc/ssh/ssh_host_rsa_key', '/etc/ssh/ssh_host_dsa_key', '/etc/ssh/ssh_host_ecdsa_key'] # sshd
# Specifies the maximum number of authentication attempts permitted per connection. Once the number of failures reaches half this value, additional failures are logged.
ssh_max_auth_retries: 2
ssh_client_alive_interval: 600 # sshd
ssh_client_alive_count: 3 # sshd
# one or more hosts, to which ssh-client can connect to. Default is empty, but should be configured for security reasons!

View file

@ -125,7 +125,7 @@ UsePrivilegeSeparation {% if (ansible_distribution == 'Debian' and ansible_distr
PermitUserEnvironment no
LoginGraceTime 30s
MaxAuthTries 2
MaxAuthTries {{ssh_max_auth_retries}}
MaxSessions 10
MaxStartups 10:30:100