From d1cebc658174a16014c2a3847bdf55bb3553b7fb Mon Sep 17 00:00:00 2001
From: Your Name <you@example.com>
Date: Sat, 7 Feb 2026 19:58:55 +0800
Subject: more robust for ssh floods

---
 sshd_config | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'sshd_config')

diff --git a/sshd_config b/sshd_config
index ab4c469..5d31e36 100644
--- a/sshd_config
+++ b/sshd_config
@@ -3,4 +3,8 @@ PermitRootLogin prohibit-password
 PasswordAuthentication no
 PubkeyAuthentication yes
 AuthorizedKeysFile /git/.ssh/authorized_keys
+# Max 3 concurrent unauthenticated connections, drop 50% above that, hard cap at 10
+MaxStartups 3:50:10
+# Kill unauthenticated connections after 15 seconds
+LoginGraceTime 15
 Subsystem sftp /usr/lib/ssh/sftp-server
-- 
cgit