Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: OpenSSH: Dev

MaxSessions option in sshd_config

 

 

OpenSSH dev RSS feed   Index | Next | Previous | View Threaded


suryasantu at gmail

Aug 16, 2011, 8:51 AM

Post #1 of 2 (2234 views)
Permalink
MaxSessions option in sshd_config

Hi,

I need information regarding MaxSessions option in sshd_config. As i
understand, it defines the maximum number of channels that can be opened at
any point of time between two hosts that are connected over SSH. The default
value for this option is 10 in openSSH. What all needs to be considered if i
want to increase this value? Are there any security concerns with increase
of this value or does memory usage of SSHD increases? Please help.


--
Thanks in Advance,
Surya
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


djm at mindrot

Aug 16, 2011, 5:20 PM

Post #2 of 2 (2226 views)
Permalink
Re: MaxSessions option in sshd_config [In reply to]

On Tue, 16 Aug 2011, Surya Santosh wrote:

> Hi,
>
> I need information regarding MaxSessions option in sshd_config. As
> i understand, it defines the maximum number of channels that can be
> opened at any point of time between two hosts that are connected over
> SSH. The default value for this option is 10 in openSSH. What all
> needs to be considered if i want to increase this value? Are there any
> security concerns with increase of this value or does memory usage of
> SSHD increases? Please help.

I'm not aware of any security considerations, but if you increase the
limit too far then you might run out of file descriptors in the sshd
that is serving the connection. sshd tries to do the right thing in this
case, but it might cause the whole connection to terminate if it gets it
wrong.

Each session may use up to five fds, and you will need more a handful
more file descriptors for the network connection and housekeeping. Also
remember that each port-, X11 and agent forwarding session requires at
least two more.

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

OpenSSH dev RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.