Information
The 'MaxAuthTries' parameter in the /etc/ssh/sshd_config file specifies the maximum
number of authentication attempts permitted per connection. By restricting the number of
failed authentication attempts before the server terminates the connection, malicious users
are blocked from gaining access to the host by using repetitive brute-force login exploits.
By setting the authentication login limit to a low value this will disconnect the attacker and
force a reconnect, which severely limits the speed of such brute force attacks.
Solution
Perform the following to implement the recommended state-# awk '/^MaxAuthTries/ { $2 = '6' }
{ print }' /etc/ssh/sshd_config > /etc/ssh/sshd_config.CIS
# mv /etc/ssh/sshd_config.CIS /etc/ssh/sshd_config
# svcadm restart svc-/network/ssh