- dtucker@cvs.openbsd.org 2013/02/06 00:20:42 [servconf.c sshd_config sshd_config.5] Change default of MaxStartups to 10:30:100 to start doing random early drop at 10 connections up to 100 connections. This will make it harder to DoS as CPUs have come a long way since the original value was set back in 2000. Prompted by nion at debian org, ok markus@

commit: 1f583df8c3a7a3731a18b17e14c9ec09f31905ba [log] [tgz]
author: Damien Miller <djm@mindrot.org> Tue Feb 12 11:02:08 2013 +1100
committer: Damien Miller <djm@mindrot.org> Tue Feb 12 11:02:08 2013 +1100
tree: 54ea8f178b181dc6c45afa02f3bfd6d17afa4263
parent: 0cd2f8e5f8276e178d696f3495ca2a9a691dccf5 [diff] [blame]
diff --git a/sshd_config b/sshd_config
index 3d35bef..9cd2fdd 100644
--- a/sshd_config
+++ b/sshd_config

@@ -1,4 +1,4 @@
-#	$OpenBSD: sshd_config,v 1.88 2012/10/30 21:29:55 djm Exp $
+#	$OpenBSD: sshd_config,v 1.89 2013/02/06 00:20:42 dtucker Exp $
 
 # This is the sshd server system-wide configuration file.  See
 # sshd_config(5) for more information.
@@ -109,7 +109,7 @@
 #ClientAliveCountMax 3
 #UseDNS yes
 #PidFile /var/run/sshd.pid
-#MaxStartups 10
+#MaxStartups 10:30:100
 #PermitTunnel no
 #ChrootDirectory none
 #VersionAddendum none
commit	1f583df8c3a7a3731a18b17e14c9ec09f31905ba	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Tue Feb 12 11:02:08 2013 +1100
committer	Damien Miller <djm@mindrot.org>	Tue Feb 12 11:02:08 2013 +1100
tree	54ea8f178b181dc6c45afa02f3bfd6d17afa4263
parent	0cd2f8e5f8276e178d696f3495ca2a9a691dccf5 [diff] [blame]