You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When UFW is used as firewall timeouts occur ( #106#69#77#29#17 ...) since the firewall's rate limiting kicks in if more than 6 connections within 30 seconds are established:
ufw supports connection rate limiting, which is useful for protecting against brute-force login attacks. When a limit rule is used, ufw will normally allow the connection but will deny connections if an IP address attempts to initiate 6 or more connections within 30 seconds.
Typical usage is: ufw limit ssh/tcp
-- https://manpages.ubuntu.com/manpages/noble/en/man8/ufw.8.html
There are several work-arounds:
downgrading to an older version such as appleboy/scp-action@v0.1.3
inceasing the timeout to 90 seconds or more
disabling the brute-force protection in the firewall via ufw ALLOW ssh/tcp - don't do this.
These workarounds address the timeout symptoms but fail to resolve the underlying issue. The core problem lies in the establishment of a new connection for every request. Instead, the initial SSH connection should be reused.
The text was updated successfully, but these errors were encountered:
When UFW is used as firewall timeouts occur ( #106 #69 #77 #29 #17 ...) since the firewall's rate limiting kicks in if more than 6 connections within 30 seconds are established:
There are several work-arounds:
appleboy/scp-action@v0.1.3
timeout to 90 seconds
or moreufw ALLOW ssh/tcp
- don't do this.These workarounds address the timeout symptoms but fail to resolve the underlying issue. The core problem lies in the establishment of a new connection for every request. Instead, the initial SSH connection should be reused.
The text was updated successfully, but these errors were encountered: