SSH MaxStartups is not limited to 10 simultaneous unauthenticated connections
Description
SSH (Secure Shell) protocol allows you to connect to a remote Linux system securely using a variety of SSH clients. The MaxStartups parameter in SSH server specifies the maximum number of simultaneous unauthenticated connections to the SSH daemon. To protect a system from denial of service due to a large number of pending authentication connection attempts, fix this misconfiguration and limiting MaxStartups to  permit only 10 simultaneous, unauthenticated connections.
Severity
important
Category
Linux Secure Shell
Resolution
Follow the below steps to resolve the misconfiguration.
Edit the /etc/ssh/sshd_config file to set the parameter as follows:
maxstartups 10:30:60
Potential issues that may arise after applying the resolution
Altering the existing security setting may create the following impact in your network operations.
Does remediation require reboot?
No
Vulnerability Manager Plus tracks security configurations and remediate misconfigurations in your network systems from a centralized console. View a list of all the security misconfigurations detected by Vulnerability Manager Plus.
