Skip to content

5.2.20 Ensure SSH MaxSessions is set to 10 or less

Audit#

Run the following command and verify that output MaxSessions is 10 or less: 

# sshd -T -C user=root -C host="$(hostname)" -C addr="$(grep $(hostname) /etc/hosts | awk '{print $1}')" | grep -i maxsessions
maxsessions 10

Run the following command and verify the output: 

grep -Ei '^\s*MaxSessions\s+(1[1-9]|[2-9][0-9]|[1-9][0-9][0-9]+)' /etc/ssh/sshd_config

Nothing should be returned

Remediation#

Edit the /etc/ssh/sshd_config file to set the parameter as follows: 

MaxSessions 10

Default Value:

MaxSessions 10