projects
/
mirror
/
dsa-puppet.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
9867e41
)
sshd: Raise MaxStartups on ssh upload hosts
author
Peter Palfrader
<peter@palfrader.org>
Fri, 2 Feb 2018 09:39:20 +0000
(10:39 +0100)
committer
Peter Palfrader
<peter@palfrader.org>
Fri, 2 Feb 2018 09:39:25 +0000
(10:39 +0100)
modules/ssh/templates/sshd_config.erb
patch
|
blob
|
history
diff --git
a/modules/ssh/templates/sshd_config.erb
b/modules/ssh/templates/sshd_config.erb
index
6828606
..
ca68f52
100644
(file)
--- a/
modules/ssh/templates/sshd_config.erb
+++ b/
modules/ssh/templates/sshd_config.erb
@@
-21,6
+21,12
@@
HostKey /etc/ssh/ssh_host_rsa_key
<%- if has_variable?("has_etc_ssh_ssh_host_ed25519_key") && @has_etc_ssh_ssh_host_ed25519_key -%>
HostKey /etc/ssh/ssh_host_ed25519_key
<% end %>
<%- if has_variable?("has_etc_ssh_ssh_host_ed25519_key") && @has_etc_ssh_ssh_host_ed25519_key -%>
HostKey /etc/ssh/ssh_host_ed25519_key
<% end %>
+<% if scope.function_has_role(['ssh.upload.d.o']) -%>
+# On ssh upload hosts we have many clients doing ssh connections to us.
+# sshd has - by default - a limit of 10 on the number of currently
+# unauthenticated (or not yet authenticated) connections. Raise that limit.
+MaxStartups 100:30:200
+<% end %>
# Authentication:
PermitRootLogin without-password
# Authentication:
PermitRootLogin without-password