Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Evaluate use of PerSource* options for sshd #3856

Open
sxa opened this issue Jan 6, 2025 · 0 comments
Open

Evaluate use of PerSource* options for sshd #3856

sxa opened this issue Jan 6, 2025 · 0 comments
Labels
secure-dev Issues specific to SSDF/SLSA compliance work

Comments

@sxa
Copy link
Member

sxa commented Jan 6, 2025

A series of PerSource directives was introduced in OpenSSH 9.8 for blocking repeated connection attempts. We should evaluate these options and set them up on our machines to attempt to mitigate denial-of-service attempts on our machines where a suitable version is available.

Ref: https://www.openssh.com/txt/release-9.8 and the details in https://man.openbsd.org/sshd_config (That openbsd page is linked from the official openssh site)
@sxa sxa added the secure-dev Issues specific to SSDF/SLSA compliance work label Jan 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
secure-dev Issues specific to SSDF/SLSA compliance work
Projects
2025 1Q Adoptium Plan
Status: No status
Milestone
No milestone
Development

No branches or pull requests
1 participant
@sxa