On Tue, 30 Jun 2015, John Mann <john.mann@monash.edu> wrote:
MaxStartups still could be a problem. For example, if there are a group of client machines all trying to fetch/upload stats to one central server simultaneously every */5 minutes.
A machine here has === # grep MaxS /etc/ssh/sshd_config MaxStartups 5:30:10 ===
Then if there are some attackers trying to guess passwords at the same time as the cron jobs, the regular cron jobs can start failing intermittently.
Great point. I've changed the configuration on the server to have significantly larger values for MaxStartups and I'll see what happens next. Also I'm going to change the cron jobs to interfere with each other less, EG by making hourly jobs start at 5 minutes past the hour so they don't match up with jobs that run every 10 minutes. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/