changeset 1794:ed20d805b332

Disable UNAUTH_CLOSE_DELAY by default
author Matt Johnston <matt@ucc.asn.au>
date Tue, 02 Mar 2021 22:20:14 +0800
parents f90e681b8b8c
children f0a524208d97
files default_options.h
diffstat 1 files changed, 5 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/default_options.h	Fri Jan 29 21:59:12 2021 +0800
+++ b/default_options.h	Tue Mar 02 22:20:14 2021 +0800
@@ -256,8 +256,11 @@
 /* -T server option overrides */
 #define MAX_AUTH_TRIES 10
 
-/* Delay introduced before closing an unauthenticated session (seconds) */
-#define UNAUTH_CLOSE_DELAY 30
+/* Delay introduced before closing an unauthenticated session (seconds).
+   Disabled by default, can be set to say 30 seconds to reduce the speed
+   of password brute forcing. Note that there is a risk of denial of 
+   service by setting this */
+#define UNAUTH_CLOSE_DELAY 0
 
 /* The default file to store the daemon's process ID, for shutdown
    scripts etc. This can be overridden with the -P flag */