What is SSH max simultaneous connections with Red Hat 3.4.6-10 ??

Hello:

By default, we discovered that '60' was the max number of simultaneous TELNET connections supported on our Red Hat 3.4.6-10 system. We changed config to UNLIMITED recently...

By default, does Red Hat 3.4.6-10 max out the number of simultaneous SSH sessions?  If so, what is the max by default and where do I go to configure UNLIMITED simultaneous connections?

Thank you!
cjb123Asked:
Who is Participating?
 
TobiasHolmConnect With a Mentor Commented:
There are no restriction on the number of authenticated simultaneous SSH connections.

You could restrict the number of overall connections to sshd with a packet filter like Netfilter (iptables) using the connlimit extension.

# limit the number of parallel SSH requests to 16 per class C sized network (24 bit netmask)
iptables -p tcp --syn --dport 22 -m connlimit --connlimit-above 16 --connlimit-mask 24 -j REJECT

Open in new window

Regards, Tobias
0
 
farzanjCommented:
It has been a while since I used RHEL 3.

Please check if ssh was controlled by xinet

ls /etc/xinet*/ss*

0
 
farzanjCommented:
Second place is the same old config file of ssh

ls /etc/ssh*/*con*

You need to check the value
MaxSessions
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
cjb123Author Commented:
Hi farzanj

I checked these two files for a MaxSessions config line but could not find any configuration line with that name.

/etc/ssh/ssh_config
and
/etc/ssh/sshd_config

Also checked /etc/init.d/sshd for that configuration label, but was not there.

Can you suggest another place I look?

Thank you.
0
 
farzanjCommented:
See my first comment.  I don't recall exactly whether Xinetd controlled ssh or not.  
There should be a file called ssh or sshd in /etc/xinet.d/

Check these values
instances     =
per_source  =  
0
 
cjb123Author Commented:
Sorry farzanj.  I'm trying but striking out...

the closest thing I've found is a file called sshd in /etc/init.d

no lines with instances = or per_source =

Any other suggestions for me?
0
 
farzanjCommented:
What is the version of you ssh

Issue the following

ssh -V
0
 
cjb123Author Commented:
Hi FarzaNJ
I'm running OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003
0
 
farzanjCommented:
I tried many ways.

Now we can start looking at the logs and error messages.


So what is the problem.  Can you re-create the problem?

One way to do is the open many ssh connection.  Every time you have to use

ssh -vvv <server>

This would show the debugging messages.  Once we can get those, we would be in a far better position to determine what is happening.

Also try

netstat -antpu  | grep ssh


I want to see how many active ssh connections you have
0
 
cjb123Author Commented:
Hello Farzanj

Active simultaneous SSH connections is now 54.  We did open many instances past 60 connections with no problem.

Currently, we have no problem with SSH-- just wondering if there is a max limitation of simultaneous sessions as there was with TELNET.

I wonder if by default the behavior is to support UNLIMITED SSH connections?

0
 
farzanjCommented:
There are a few locations in ssh set the connection limit/session limit but they are in the sshd_config file.  If you read your config files you should see it.

If you were telnet, yes, check those limits in /etc/xinetd.d/telnet

I remember, telnet for sure was controlled by xinetd.  If this happens again, get the error messages and also check the logs

tail -f /var/log/messages
tail -f /var/log/secure
0
 
TobiasHolmCommented:
Hi!

There are a value (MaxStartups) to limit unauthenticated connections:

MaxStartups
Specifies the maximum number of concurrent unauthenticated connections to the sshd daemon. Additional connections will be dropped until authentication succeeds or the LoginGraceTime expires for a connection. The default is 10.

Ref: http://linux.die.net/man/5/sshd_config

Regards, Tobias
0
 
cjb123Author Commented:
Hi Tobias,
Thank you!  Good info to know.
In our sshd_config file, the  MaxStartups line is commented out (#).
Given that the line is commented out-- I wonder what default behavior is expected then?
Should I assume that since the line is commented out the default MaxStartups is UNLIMITED?

Thanks again.
0
 
TobiasHolmCommented:
The default is 10 concurrent unauthenticated connections. Additional connections will be dropped until authentication succeeds or the LoginGraceTime expires for a connection.

Regards, Tobias
0
 
cjb123Author Commented:
Thank you. You are getting me closer.
Can I ask for this clarification:  Is there a limit to to the number of _Authenticated_  simultaneous SSH connections? If so, where is this limit defined?
0
 
ravenplCommented:
There is no limit in the sshd itself on maximum number of auth connections. However You may hit some limit in the system itself(like number of PTY's or utmp user entries or inetd if sshd is started with inetd[not recommended]) - unlikely though.

Just now, I have a system (RHEL5 though) with 360 open ssh sessions.
0
 
cjb123Author Commented:
Thank you!!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.