If you look at
One thing you can do is set
I'm pretty sure all of the above stuff is the default configuration, now comes the part that actually sets the limit.
Once this is set up, on any log in attempt when there's already an active session, the user will get the error
man sshd_config
, you can see that there is an option for MaxSessions
. Unfortunately, this is the maximum number of sessions per network connection, not the maximum number for a specific user. One thing you can do is set
UsePAM yes
in /etc/ssh/sshd_config
, then configure PAM to handle the user limits by enabling the PAM module pam_limits.so
. If you only want the limits to apply to ssh sessions, add the following line to /etc/pam.d/sshd
:
session required pam_limits.so
I'm pretty sure all of the above stuff is the default configuration, now comes the part that actually sets the limit.
pam_limits.so
pulls its limits from /etc/security/limits.conf
. If you want a user to only be able to have one active session at a time, just add the following line to that file:
user hard maxlogins 1
Once this is set up, on any log in attempt when there's already an active session, the user will get the error
Too many logins for 'user'.
To make this apply to all users, use *
for the user. You can also have it apply to certain groups, for instance, use @users
to apply to rule to everyone in the users
group.