Mercurial > dropbear
changeset 1794:ed20d805b332
Disable UNAUTH_CLOSE_DELAY by default
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Tue, 02 Mar 2021 22:20:14 +0800 |
| parents | f90e681b8b8c |
| children | f0a524208d97 |
| files | default_options.h |
| diffstat | 1 files changed, 5 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/default_options.h Fri Jan 29 21:59:12 2021 +0800 +++ b/default_options.h Tue Mar 02 22:20:14 2021 +0800 @@ -256,8 +256,11 @@ /* -T server option overrides */ #define MAX_AUTH_TRIES 10 -/* Delay introduced before closing an unauthenticated session (seconds) */ -#define UNAUTH_CLOSE_DELAY 30 +/* Delay introduced before closing an unauthenticated session (seconds). + Disabled by default, can be set to say 30 seconds to reduce the speed + of password brute forcing. Note that there is a risk of denial of + service by setting this */ +#define UNAUTH_CLOSE_DELAY 0 /* The default file to store the daemon's process ID, for shutdown scripts etc. This can be overridden with the -P flag */