From c50e8f145ba03f0a4899138e239ef725f94df3df Mon Sep 17 00:00:00 2001
From: Brandon Williams
Date: Thu, 31 Oct 2024 15:39:19 -0500
Subject: [PATCH] feat: ssh configurable number of public key attempts before failing
---
 services/ssh/docker-entrypoint.sh | 2 ++
 services/ssh/etc/ssh/sshd_config | 5 ++++-
 2 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/services/ssh/docker-entrypoint.sh b/services/ssh/docker-entrypoint.sh
index 42e5a4f451..41623ae26d 100755
--- a/services/ssh/docker-entrypoint.sh
+++ b/services/ssh/docker-entrypoint.sh
@@ -2,6 +2,8 @@ export USER_ID=$(id -u)
+ep /etc/ssh/sshd_config
+
 ep /home/token.sh
 ep /home/grant.sh
 ep /home/token-debug.sh
diff --git a/services/ssh/etc/ssh/sshd_config b/services/ssh/etc/ssh/sshd_config
index de5454e92f..a0faa3ac70 100644
--- a/services/ssh/etc/ssh/sshd_config
+++ b/services/ssh/etc/ssh/sshd_config
@@ -6,6 +6,9 @@ HostKey /etc/ssh/ssh_host_ed25519_key
 LogLevel INFO
+# Sets the allowed number of ssh-agent key attempts before failure
+MaxAuthTries ${MAX_AUTH_TRIES:-6}
+
 PermitRootLogin no
 # The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
@@ -39,4 +42,4 @@ ClientAliveInterval 60
 ClientAliveCountMax 1440 # max keepalive of 24h
 # This will allow sftp access
-Subsystem sftp sftp-server -u 0002
\ No newline at end of file
+Subsystem sftp sftp-server -u 0002
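Review bot: `MAX_AUTH_TRIES` reaches `/etc/ssh/sshd_config` without any validation, since the added `ep /etc/ssh/sshd_config` appears to render the file straight from the container environment. An empty, non-numeric or multi-line value would either stop sshd from parsing its configuration or put unintended extra text into the daemon's config, so the entrypoint should reject anything that is not a plain integer before templating, e.g. `case "${MAX_AUTH_TRIES-6}" in ''|*[!0-9]*) echo "MAX_AUTH_TRIES must be an integer" >&2; exit 1;; esac`. Templating in place also presumably requires sshd_config to be writable by the runtime user, which is worth confirming against the image's file permissions. The rest of the script lies outside the hunk, so whether a failing `ep` aborts startup cannot be seen here.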
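Review bot: The comment added above `MaxAuthTries` understates what the directive limits: it caps authentication attempts of every method per connection, not only keys offered by ssh-agent, and sshd starts logging failures once half the value is reached. Raising it to accommodate agents holding many keys therefore also raises the per-connection guessing budget for any other enabled authentication method, and the comment should say so. Suggested wording: `# Max authentication attempts per connection (all methods); raise only as far as needed for clients offering many keys`. The fallback of 6 matches OpenSSH's own default, so behaviour should be unchanged when MAX_AUTH_TRIES is unset.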