How to set maximum SSH connections and sessions on a Linux Server

SSH can be demanding on server resources, especially when handling multiple connections or file transfers. The encryption process used by SSH consumes significant CPU power, which can slow down the server. This is particularly concerning when the server handles many simultaneous connections.

By default, an SSH server allows multiple connections at once. In some situations, like on public or jump servers, this can lead to resource overuse. Limiting the number of connections can help maintain server performance and prevent slowdowns.

You can control the number of connections by adjusting the MaxStartups and MaxSessions settings in the sshd_config file. These settings let you define how many connections and sessions the server can handle at the same time.

Steps to set maximum SSH connections:

Open the terminal application.

Access the sshd_config file using a text editor.

$ sudo vi /etc/ssh/sshd_config
[sudo] password for user:

Set the maximum number of concurrent unauthenticated connections by adjusting the MaxStartups option.

MaxStartups 10

MaxStartups
        Specifies the maximum number of concurrent unau‐
        thenticated connections to the SSH daemon.  Addi‐
        tional connections will be dropped until authenti‐
        cation succeeds or the LoginGraceTime expires for
        a connection.  The default is 10:30:100.

        Alternatively, random early drop can be enabled by
        specifying the three colon separated values
        start:rate:full (e.g. "10:30:60").  sshd(8) will
        refuse connection attempts with a probability of
        rate/100 (30%) if there are currently start (10)
        unauthenticated connections.  The probability in‐
        creases linearly and all connection attempts are
        refused if the number of unauthenticated connec‐
        tions reaches full (60).

Colon-separated value gives you more refined control. The following example will block 50% connection once it reaches 5, and will block 100% connection once the total is 10 concurrent connection.

MaxStartups 5:50:10

Add the line if it doesn't already exist and remove # at the beginning of the line if it exists.

Define the maximum number of allowed sessions per connection by setting the MaxSessions option.

MaxSessions 5

MaxSessions
        Specifies the maximum number of open
        shell, login or subsystem (e.g. sftp)
        sessions permitted per network connec‐
        tion.  Multiple sessions may be estab‐
        lished by clients that support connection
        multiplexing.  Setting MaxSessions to 1
        will effectively disable session multi‐
        plexing, whereas setting it to 0 will
        prevent all shell, login and subsystem
        sessions while still permitting forward‐
        ing.  The default is 10.

Add the line if it doesn't already exist and remove # at the beginning of the line if it exists.

Save the changes in the sshd_config file.
Restart the SSH service to apply the new settings.
```
$ sudo systemctl restart ssh
```
Related: How to start, restart, and stop the SSH server service

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is a cloud architect with deep roots in software development and open-source advocacy. Certified in AWS, Red Hat, VMware, ITIL, and Linux, he specializes in designing and managing robust cloud and on-premises infrastructures.

Discuss the article:

Comment anonymously. Login not required.