openssh unix dev - May 2010 - Limit number of simultaneous sftp-server connections from same ip

Hello all,

I would like to ask a short question about the configuration
capabilities of sshd / sftp-server.

I want to limit the number of connections (or instances) to an
sftp-server a user can spawn from the same ip address.
The reason is that multiple connections overload by box (connection).

My first idea was to move control of sftp-server to xinetd. There I
could maintain control of such things. However, since sftp-server
depends on a parent sshd, I was not successful. Maybe there is a way?

While limiting the use of sftp-server I want to retain _full_ access to
normal (shell-like) connections over sshd without limits.

Are such things even possible or should I switch to FTP w/ SSL?
By the way, how can I disable sftp-server completely (e.g. if I want to
work fast on the net and not allow any file transfers over sftp-server)?

Thanks for any replies,
LR

ps. openssh version is: latest.

Lars Reimann wrote:
> I want to limit the number of connections (or instances) to an
> sftp-server a user can spawn from the same ip address.
Wouldn't a simple wrapper (as opposed to xinetd) work?

> sftp-server depends on a parent sshd
How is that, exactly?

> While limiting the use of sftp-server I want to retain _full_
> access to normal (shell-like) connections over sshd without limits.
Add the wrapper to the subsystem directive in sshd_config.

> By the way, how can I disable sftp-server completely
Remove the subsystem directive from sshd_config.


//Peter