Bug#277207: marked as done (ssh: MaxStartups 10:30:60)

[owner@bugs.debian.org (Debian Bug Tracking System)]

Your message dated Tue, 7 May 2013 10:54:11 +0100
with message-id <20130507095411.GA10376@riva.ucam.org>
and subject line Re: Bug#277207: ssh: MaxStartups 10:30:60
has caused the Debian Bug report #277207,
regarding ssh: MaxStartups 10:30:60
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
277207: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=277207
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: ssh: MaxStartups 10:30:60
• From: at at <"yashymail.yashy.com."@serenity.yashy.com>
• Date: Tue, 19 Oct 2004 01:16:03 -0400
• Message-id: <20041019051606.2B25A4993@mail.yashy.com>

Package: ssh
Version: 1:3.8.1p1-8.sarge.1
Severity: normal



-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-1-686
Locale: LANG=C, LC_CTYPE=C

Versions of packages ssh depends on:
ii  adduser                     3.59         Add and remove users and groups
ii  debconf                     1.4.39       Debian configuration management sy
ii  dpkg                        1.10.23      Package maintenance system for Deb
ii  libc6                       2.3.2.ds1-18 GNU C Library: Shared libraries an
ii  libpam-modules              0.76-22      Pluggable Authentication Modules f
ii  libpam-runtime              0.76-22      Runtime support for the PAM librar
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7d-5     SSL shared libraries
ii  libwrap0                    7.6.dbs-6    Wietse Venema's TCP wrappers libra
ii  zlib1g                      1:1.2.2-1    compression library - runtime

-- debconf information:
  ssh/insecure_rshd:
  ssh/privsep_ask: true
* ssh/user_environment_tell:
* ssh/forward_warning:
  ssh/insecure_telnetd:
  ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/SUID_client: true
  ssh/disable_cr_auth: false
* ssh/privsep_tell:
  ssh/ssh2_keys_merged:
* ssh/protocol2_only: true
  ssh/encrypted_host_key_but_no_keygen:
* ssh/run_sshd: true

# diff sshd_config sshd_config2
15a16,18
> # After 10 unauthenticated connections, refuse 30% of the new ones, 
and
> # refuse any more than 60 total.
> MaxStartups 10:30:60
# 
 
 Cheers,

--
Yashy

--- End Message ---

--- Begin Message ---

• To: 277207-done@bugs.debian.org
• Subject: Re: Bug#277207: ssh: MaxStartups 10:30:60
• From: Colin Watson <cjwatson@debian.org>
• Date: Tue, 7 May 2013 10:54:11 +0100
• Message-id: <20130507095411.GA10376@riva.ucam.org>
• In-reply-to: <20041019051606.2B25A4993@mail.yashy.com>
• References: <20041019051606.2B25A4993@mail.yashy.com>

Source: openssh
Source-Version: 1:6.1p1-3

On Tue, Oct 19, 2004 at 01:16:03AM -0400, at at wrote:
> # diff sshd_config sshd_config2
> 15a16,18
> > # After 10 unauthenticated connections, refuse 30% of the new ones, 
> and
> > # refuse any more than 60 total.
> > MaxStartups 10:30:60

I think this was essentially handled by the change of MaxStartups'
default from 10 to 10:30:100, made upstream in 6.2p1 and backported to
1:6.1p1-3.

Thanks,

-- 
Colin Watson                                       [cjwatson@debian.org]

--- End Message ---