If SSHD is enabled it _MUST_ be configured with an Active Client Alive Maximum Count set to zero. Terminating an idle session within a short time period reduces the window of opportunity for unauthorized personnel to take control of a management session enabled on the console or console port that has been left unattended. In addition, quickly terminating an idle session or an incomplete login attempt will also free up resources committed by the managed network element. NOTE: /etc/ssh/sshd_config will be automatically modified to its original state following any update or major upgrade to the operating system. Fix: /usr/bin/sed -i.bak 's/.*ClientAliveCountMax.*/ClientAliveCountMax 0/' /etc/ssh/sshd_config; /bin/launchctl kickstart -k system/com.openssh.sshd

[0]

/usr/bin/sed -i.bak 's/.*ClientAliveCountMax.*/ClientAliveCountMax 0/' /etc/ssh/sshd_config; /bin/launchctl kickstart -k system/com.openssh.sshd