Description of problem: Default MaxSession is too low to cover for even some single-user use-cases, like building containers remotely. Version-Release number of selected component (if applicable): openssh-server-8.4p1-5.fc33.x86_64 How reproducible: Easily using docker-compose, especially newer versions which use multiple connection during the build process. Upgrading MaxSessions to 50 fixed the issue, likely even lower values would be enough but I think that 50 should be safe already. Keep in mind that number of sessions is not the same thing as number of users, lots of tools are using multiple session including ansible, vscode. Let's put a default configuration that does not need tuning for normal usage. Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Fedora is using the upstream default. https://github.com/openssh/openssh-portable/blob/ce941c75ea9cd6c358508a5b206809846c8d9240/sshd_config#L35 https://github.com/openssh/openssh-portable/blob/867a7dcf003c51d5a83f83565771a35f0d9530ac/servconf.h#L47 Looks like the config option was added in 2008, but the default has been 10 for a long time. I'm not finding upstream discussion asking for it to be changed. It probably should have an upstream discussion, or at least a Fedora devel@ discussion if the idea is for Fedora to deviate from upstream defaults and/or seek changing them.
Chris, you are right. This is default for ages and it works for normal use cases. Sorin, if your docker requires more, you can configure it for more. This was not an issue for 13 years for anyone else. I would argue that running more than 10 parallel channels is really not a good idea and does not bring any more performance.