Detections
Analytics

5.2.17 Ensure sshd MaxSessions is configured

Information

The MaxSessions parameter specifies the maximum number of open sessions permitted from a given connection.

More information about the openSSH server configuration is available in the "Configure SSH Server" section overview.

To protect a system from denial of service due to a large number of concurrent sessions, use the rate limiting function of MaxSessions to protect availability of sshd logins and prevent overwhelming the daemon.

Solution

Edit the /etc/ssh/sshd_config file to set the MaxSessions parameter to 10 or less above any Match entries as follows:

MaxSessions 10

See Also

https://workbench.cisecurity.org/benchmarks/25279

Item Details

Category: CONFIGURATION MANAGEMENT, IDENTIFICATION AND AUTHENTICATION

References: 800-53|CM-1, 800-53|CM-2, 800-53|CM-6, 800-53|CM-7, 800-53|IA-5

Plugin: Unix

Control ID: f18691a7803d40a15969d8bcfcf9d151f4554d5c7d2e88bc57c65f975b2decc9