From: Michael Tremer <michael.tremer@ipfire.org>
Date: Tue, 25 Sep 2018 19:24:39 +0000 (+0100)
Subject: ssh: Revert MaxAuthTries setting
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0a5823db023c32135b1cd3fc9c8a426cd1d70b31;p=people%2Fms%2Fipfire-2.x.git

ssh: Revert MaxAuthTries setting

This is entirely not practicable and should have been changed
before. I missed this when I tested the configuration.

It is common that multiple SSH keys exist and three is common
number (RSA, ECDSA & Ed25519). A key passed with ssh -i and
password authentication are not even tried.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/config/ssh/sshd_config b/config/ssh/sshd_config
index 4a25e83838..60bb0a9e63 100644
--- a/config/ssh/sshd_config
+++ b/config/ssh/sshd_config
@@ -12,7 +12,7 @@ ListenAddress 0.0.0.0
 
 # limit authentication thresholds
 LoginGraceTime 30s
-MaxAuthTries 3
+MaxAuthTries 6
 
 # limit maximum instanctes to prevent DoS
 MaxStartups 5