diff options
author | Damien Miller <djm@mindrot.org> | 2008-05-19 15:34:50 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2008-05-19 15:34:50 +1000 |
commit | 7207f64a23a49a719aad3083c068f50e5034ccb8 (patch) | |
tree | 7ce6e49ae0713fad145ea9feb0181ec4d250ed75 /sshd_config.5 | |
parent | 9417831eced03242e283e30286ac06ca2ce6d83e (diff) |
- djm@cvs.openbsd.org 2008/05/08 12:21:16
[monitor.c monitor_wrap.c session.h servconf.c servconf.h session.c]
[sshd_config sshd_config.5]
Make the maximum number of sessions run-time controllable via
a sshd_config MaxSessions knob. This is useful for disabling
login/shell/subsystem access while leaving port-forwarding working
(MaxSessions 0), disabling connection multiplexing (MaxSessions 1) or
simply increasing the number of allows multiplexed sessions.
Because some bozos are sure to configure MaxSessions in excess of the
number of available file descriptors in sshd (which, at peak, might be
as many as 9*MaxSessions), audit sshd to ensure that it doesn't leak fds
on error paths, and make it fail gracefully on out-of-fd conditions -
sending channel errors instead of than exiting with fatal().
bz#1090; MaxSessions config bits and manpage from junyer AT gmail.com
ok markus@
Diffstat (limited to 'sshd_config.5')
-rw-r--r-- | sshd_config.5 | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 99b5621e7..0d8c140bf 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
@@ -34,8 +34,8 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: sshd_config.5,v 1.89 2008/05/07 08:00:14 jmc Exp $ | 37 | .\" $OpenBSD: sshd_config.5,v 1.90 2008/05/08 12:21:16 djm Exp $ |
38 | .Dd $Mdocdate: May 19 2008 $ | 38 | .Dd $Mdocdate: May 8 2008 $ |
39 | .Dt SSHD_CONFIG 5 | 39 | .Dt SSHD_CONFIG 5 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -594,6 +594,9 @@ connection. | |||
594 | Once the number of failures reaches half this value, | 594 | Once the number of failures reaches half this value, |
595 | additional failures are logged. | 595 | additional failures are logged. |
596 | The default is 6. | 596 | The default is 6. |
597 | .It Cm MaxSessions | ||
598 | Specifies the maximum number of open sessions permitted per network connection. | ||
599 | The default is 10. | ||
597 | .It Cm MaxStartups | 600 | .It Cm MaxStartups |
598 | Specifies the maximum number of concurrent unauthenticated connections to the | 601 | Specifies the maximum number of concurrent unauthenticated connections to the |
599 | SSH daemon. | 602 | SSH daemon. |