  • Misconfiguration Name
  • SSH MaxStartups is not limited to 10 simultaneous unauthenticated connections
  • Description
  • The SSH (Secure Shell) protocol allows you to connect to a remote Linux system securely using a variety of SSH clients. The MaxStartups parameter of the SSH server specifies the maximum number of simultaneous unauthenticated connections to the SSH daemon. To protect a system from denial of service caused by a large number of pending authentication attempts, fix this misconfiguration by limiting MaxStartups to permit only 10 simultaneous unauthenticated connections.
  • Severity
  • important
  • Category
  • Linux Secure Shell
  • Resolution
  • Follow the steps below to resolve the misconfiguration. Edit the /etc/ssh/sshd_config file to set the parameter as follows:
    maxstartups 10:30:60
  • Potential issues that may arise after applying the resolution
  • Altering the existing security setting may create the following impact in your network operations.
  • Does remediation require reboot?
  • No
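
The following check for the Resolution step is an added example, not part of the original catalog entry or of any vendor tooling. It reads sshd_config text, takes the first MaxStartups line (the one sshd honors) and compares it with the 10:30:60 baseline. The function names, the sample configurations and the pass rule (start no higher than 10, full no higher than 60) are assumptions made for this example.

```python
import re

# Baseline from the Resolution step above: start:rate:full = 10:30:60
BASELINE_START, BASELINE_FULL = 10, 60

# Keywords are case-insensitive; the value follows whitespace or a single '='.
_DIRECTIVE = re.compile(r"^\s*MaxStartups(?:\s*=\s*|\s+)(\S+)", re.IGNORECASE)

def parse_maxstartups(value):
    """Return (start, rate, full); a bare integer N means start = full = N."""
    parts = value.split(":")
    if len(parts) == 1 and parts[0].isdigit():
        return int(parts[0]), None, int(parts[0])
    if len(parts) == 3 and all(p.isdigit() for p in parts):
        start, rate, full = (int(p) for p in parts)
        if start <= full and 1 <= rate <= 100:
            return start, rate, full
    raise ValueError(f"malformed MaxStartups value: {value!r}")

def audit(config_text):
    """Classify sshd_config text as PASS, FAIL, UNSET or INVALID.

    Include files are not followed (a simplification of this example).
    """
    for line in config_text.splitlines():
        m = _DIRECTIVE.match(line)
        if not m:
            continue  # comments, blank lines and other keywords
        # sshd uses the first value it reads for a keyword, so stop here.
        try:
            start, rate, full = parse_maxstartups(m.group(1))
        except ValueError:
            return "INVALID", m.group(1)
        ok = start <= BASELINE_START and full <= BASELINE_FULL
        return ("PASS" if ok else "FAIL"), (start, rate, full)
    return "UNSET", None  # sshd then falls back to its built-in default

# Constructed samples. In the first, the fix was appended below an older
# line, so the older, permissive value is still the effective one.
SAMPLE_APPENDED = "Port 22\nMaxStartups 100:30:200\nmaxstartups 10:30:60\n"
SAMPLE_FIXED = "Port 22\nmaxstartups 10:30:60\n"

if __name__ == "__main__":
    for name, text in (("appended", SAMPLE_APPENDED), ("fixed", SAMPLE_FIXED)):
        print(name, audit(text))
```

On a live host, `sshd -T` prints the effective configuration, including values pulled in through Include files.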