4.2.17 Ensure sshd MaxSessions is configured

Information

The MaxSessions parameter specifies the maximum number of open sessions permitted from a given connection.

To protect a system from denial of service due to a large number of concurrent sessions, use the rate limiting function of MaxSessions to protect availability of sshd logins and prevent overwhelming the daemon.

Solution

Edit the /etc/ssh/sshd_config file to set the MaxSessions parameter to 10 or less above any Match entries as follows:

MaxSessions 10

Note: First occurrence of a option takes precedence, Match set statements withstanding.

See Also

https://workbench.cisecurity.org/benchmarks/15964