severity 1080350 important thanks On Wed, Jul 23, 2025 at 09:54:34AM +0200, Steinar H. Gunderson wrote: > I'm wondering if there's something generally broken with MaxStartups > in trixie, beyond this; I upgraded from bookworm, and since then I've had > generally very spotty MaxStartups behavior. I never needed to change > MaxStartups before, but now, my backup and Nagios runs keep failing > all the time, with things like: > > Jul 23 04:36:07 pannekake.samfundet.no sshd[10555]: drop connection #1 from > [2a02:20c8:2640::b2ff:97a7]:39984 on [2001:67c:29f4::50]:22 Maxstartups
Adding some debug logs, it seems that the problem is indeed PerSourceMaxStartups. It seems that the list of children[] isn't properly cleaned up (perhaps srclimit_done() not being called correctly?), which makes the server think there are 10 connections for a given IP (I have PerSourceMaxStartups. 10), even though there's not even that number of connections total (see “drop connection #1”, i.e., this is the second global connection). This is going to cause pretty widespread and hard-to-debug breakage, so I'm upgrading this to important. /* Steinar */ -- Homepage: https://www.sesse.net/
