OpenSSH introduces options to penalize undesirable behavior

In a recent commit, Damien Miller (djm@) introduced the new sshd(8) configurations options, PerSourcePenalties and PerSourcePenaltyExemptList, to provide a built in facility in sshd(8) itself to penalize undesirable behavior, and to shield specific clients from penalty, respectively.

The commit message reads,

List:       openbsd-cvs
Subject:    CVS: cvs.openbsd.org: src
From:       Damien Miller <djm () cvs ! openbsd ! org>
Date:       2024-06-06 17:15:26

CVSROOT:	/cvs
Module name:	src
Changes by:	djm@cvs.openbsd.org	2024/06/06 11:15:26

Modified files:
	usr.bin/ssh    : misc.c misc.h monitor.c monitor_wrap.c 
	                 servconf.c servconf.h srclimit.c srclimit.h 
	                 sshd-session.c sshd.c sshd_config.5 

Log message:
Add a facility to sshd(8) to penalise particular problematic client
behaviours, controlled by two new sshd_config(5) options:
PerSourcePenalties and PerSourcePenaltyExemptList.

Read more…