5.2.22 Ensure SSH MaxSessions is limited

Information

The MaxSessions parameter specifies the maximum number of open sessions permitted from a given connection.

Note: Local site policy may be more restrictive

Rationale:

To protect a system from denial of service due to a large number of concurrent sessions, use the rate limiting function of MaxSessions to protect availability of sshd logins and prevent overwhelming the daemon.

Solution

Edit the /etc/ssh/sshd_config file to set the parameter as follows:

MaxSessions 10

Default Value:

MaxSessions 10

See Also

https://workbench.cisecurity.org/files/2920

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6, CSCv7|5.1

Plugin: Unix

Control ID: 2102f751e2be0d334f9be91ad68f494fea61c6e89e5812ab2f274641d219b537