Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-13882

Support for MaxStartups Parameter to prevent ssh brute force attacks in Bitbucket

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Unresolved
    • None
    • SSH
    • None
    • 1
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Normal ssh daemons have the ability to define the MaxStartups parameter to configure how many unauthorized connections are allowed in one second.

      Question: Is there a similar parameter available in Bitbucket to secure the git shh service against brute force attacks or is there another method available or automatically in place to prevent brute force attacks?

      There is an open question about using MaxStartups with mina-sshd (the library used for Bitbucket's SSH daemon).

      Attachments

        Activity

          People

            Unassigned Unassigned
            46ac2648bc84 Naveen
            Votes:
            3 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated: