
5.2.18 Ensure SSH MaxAuthTries is set to 4 or less

Audit

Run the following command and verify that the MaxAuthTries value in the output is 4 or less:

# sshd -T -C user=root -C host="$(hostname)" -C addr="$(grep $(hostname) /etc/hosts | awk '{print $1}')" | grep maxauthtries
maxauthtries 4

Run the following command and verify the output:

# grep -Ei '^\s*maxauthtries\s+([5-9]|[1-9][0-9]+)' /etc/ssh/sshd_config

Nothing is returned
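
The grep check above returns nothing when MaxAuthTries is absent or commented out, even though the default of 6 then applies, which is why the `sshd -T` check is also required. The following added example (not part of the benchmark text) checks a config file offline and treats a missing directive as a failure; the helper name `check_maxauthtries` and the sample configs are constructed for illustration.

```shell
#!/bin/sh
# check_maxauthtries FILE: hypothetical helper (not from the benchmark).
# Returns 0 if FILE sets MaxAuthTries at least once and every setting is <= 4,
# 1 otherwise. An absent directive fails because the default value is 6.
check_maxauthtries() {
    awk -v limit=4 -v dflt=6 '
        NF == 0 || $1 ~ /^#/ { next }            # skip blank and comment lines
        tolower($1) == "maxauthtries" {          # keyword is case-insensitive
            seen = 1
            if ($2 !~ /^[0-9]+$/ || $2 + 0 > limit) {
                printf "FAIL line %d: %s\n", NR, $0
                bad = 1
            }
        }
        END {
            if (!seen) {
                printf "FAIL: MaxAuthTries not set, default %d applies\n", dflt
                bad = 1
            }
            exit bad + 0
        }
    ' "$1"
}

# Constructed sample configs (not taken from a real host).
demo() {
    d=$(mktemp -d) || return 1
    printf 'Port 22\nMaxAuthTries 4\n' > "$d/ok.conf"
    printf 'Port 22\n#MaxAuthTries 4\n' > "$d/commented.conf"
    printf 'MaxAuthTries 4\nMatch User backup\n    maxauthtries 10\n' > "$d/match.conf"
    for f in ok commented match; do
        if check_maxauthtries "$d/$f.conf"; then echo "$f: PASS"; else echo "$f: FAIL"; fi
    done
    rm -rf "$d"
}
demo
```

This helper reads a single file only; the `sshd -T` command remains the check of the effective configuration.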

Remediation

Edit the /etc/ssh/sshd_config file to set the parameter as follows:

MaxAuthTries 4

Default Value:

MaxAuthTries 6