The sshd configuration specified in entrypoint.sh sets up duplicate directives for MaxAuthTries and LoginGraceTime set.
|
echo "MaxAuthTries 5" |
|
echo "LoginGraceTime 20" |
|
# Brute force protection |
|
echo "MaxSessions 10" |
|
echo "MaxAuthTries 3" |
|
echo "LoginGraceTime 15" |
Given how sshd processes the config files, the first directive wins, and the less stringent values for these settings are enforced, which can be confirmed by running sshd -T inside the container.
I suggest removing the lines at 94-95 so that only the more stringent settings listed under the # Brute Force Protection section at line 115 are written to the config file and then enforced by sshd.
The sshd configuration specified in
entrypoint.shsets up duplicate directives forMaxAuthTriesandLoginGraceTimeset.docker-ssh/src/rootfs/entrypoint.sh
Lines 94 to 95 in 8c8f3ee
docker-ssh/src/rootfs/entrypoint.sh
Lines 115 to 118 in 8c8f3ee
Given how sshd processes the config files, the first directive wins, and the less stringent values for these settings are enforced, which can be confirmed by running
sshd -Tinside the container.I suggest removing the lines at 94-95 so that only the more stringent settings listed under the
# Brute Force Protectionsection at line 115 are written to the config file and then enforced by sshd.