
gitlab-sshd: MaxStartup limit settings

OpenSSH supports the MaxStartups configuration parameter (https://manpages.ubuntu.com/manpages/kinetic/en/man5/sshd_config.5.html):

MaxStartups
  Specifies the maximum number of concurrent unauthenticated connections to the SSH
  daemon.  Additional connections will be dropped until authentication succeeds or the
  LoginGraceTime expires for a connection.  The default is 10:30:100.

  Alternatively, random early drop can be enabled by specifying the three colon
  separated values start:rate:full (e.g. "10:30:60").  sshd(8) will refuse connection
  attempts with a probability of rate/100 (30%) if there are currently start (10)
  unauthenticated connections.  The probability increases linearly and all connection
  attempts are refused if the number of unauthenticated connections reaches full (60).

We might want to have a similar feature in gitlab-sshd.

References: https://about.gitlab.com/blog/2019/08/27/tyranny-of-the-clock/

Edited by Ash McKenzie
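
The random early drop rule quoted above, worked through in Go as an added example; it is not part of the original issue and is not gitlab-sshd code. The names `MaxStartups`, `ParseMaxStartups` and `DropPercent` are hypothetical, and truncating integer arithmetic is an assumption of this sketch.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
)

// MaxStartups holds the start:rate:full triple from sshd_config(5).
type MaxStartups struct{ Start, Rate, Full int }

// ParseMaxStartups parses the three-value "start:rate:full" form.
func ParseMaxStartups(s string) (MaxStartups, error) {
	parts := strings.Split(s, ":")
	if len(parts) != 3 {
		return MaxStartups{}, fmt.Errorf("want start:rate:full, got %q", s)
	}
	var v [3]int
	for i, p := range parts {
		n, err := strconv.Atoi(p)
		if err != nil {
			return MaxStartups{}, fmt.Errorf("bad field %q: %w", p, err)
		}
		v[i] = n
	}
	m := MaxStartups{v[0], v[1], v[2]}
	if m.Start < 1 || m.Full < m.Start || m.Rate < 1 || m.Rate > 100 {
		return MaxStartups{}, fmt.Errorf("invalid values in %q", s)
	}
	return m, nil
}

// DropPercent returns the refusal probability (0-100) for a new connection
// when unauth connections are pending: 0 below Start, Rate at Start, 100 at Full.
func (m MaxStartups) DropPercent(unauth int) int {
	switch {
	case unauth < m.Start:
		return 0
	case unauth >= m.Full || m.Rate == 100:
		return 100
	}
	return m.Rate + (100-m.Rate)*(unauth-m.Start)/(m.Full-m.Start)
}

func main() {
	m, _ := ParseMaxStartups("10:30:60") // the man page's example value
	for _, n := range []int{9, 10, 35, 59, 60} {
		fmt.Printf("%d unauthenticated -> refuse %d%%\n", n, m.DropPercent(n))
	}
}
```

A server applying this would compare `DropPercent` against a uniform random draw in [0, 100) for each incoming connection and close the socket when the draw is lower.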