diff --git a/group_vars/all/main.yml b/group_vars/all/main.yml
index d451085..2d5002a 100644
--- a/group_vars/all/main.yml
+++ b/group_vars/all/main.yml
@@ -928,6 +928,12 @@ sshd_host_keys:
 - /etc/ssh/ssh_host_ecdsa_key
 - /etc/ssh/ssh_host_ed25519_key
+sshd_max_startups: !!str "10:30:100"
+
+sshd_max_auth_tries: 3
+
+sshd_max_sessions: 10
+
 sshd_permit_root_login: !!str "no"
 sshd_authorized_keys_file: ".ssh/authorized_keys .ssh/authorized_keys2"
diff --git a/host_vars/file-mbr.mbr-bln.netz.yml b/host_vars/file-mbr.mbr-bln.netz.yml
index ef4bc4d..ae5a939 100644
--- a/host_vars/file-mbr.mbr-bln.netz.yml
+++ b/host_vars/file-mbr.mbr-bln.netz.yml
@@ -13,6 +13,8 @@ set_default_limit_nofile: true
 # vars used by roles/common/tasks/sshd.yml
 # ---
+sshd_max_auth_tries: 6
+
 sshd_permit_root_login: !!str "yes"
 sshd_password_authentication: !!str "yes"
diff --git a/roles/common/templates/etc/ssh/sshd_config.j2 b/roles/common/templates/etc/ssh/sshd_config.j2
index 67cfc8a..1c80f64 100644
--- a/roles/common/templates/etc/ssh/sshd_config.j2
+++ b/roles/common/templates/etc/ssh/sshd_config.j2
@@ -54,17 +54,17 @@ HostKey {{ item }}
 # The default is 10.
 #MaxStartups 10:30:100
 #MaxStartups 3
-MaxStartups 10:30:100
+MaxStartups {{ sshd_max_startups }}
 # Specifies the maximum number of authentication attempts permitted per
 # connection.
 # The default is 6.
-MaxAuthTries 3
+MaxAuthTries {{ sshd_max_auth_tries }}
 # Specifies the maximum number of open sessions permitted per network
 # connection.
 # The default is 10.
-MaxSessions 10
+MaxSessions {{ sshd_max_sessions }}
 #-----------------------------
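Review bot: The three new defaults in group_vars/all/main.yml carry no comment, and `sshd_max_startups` in particular is an opaque `start:rate:full` triple. A line such as `# start:rate:full - at 10 unauthenticated connections sshd starts dropping 30% of new ones, at 100 it drops all` above it would tell whoever overrides it per host what they are loosening. The same comment could say that overrides should keep the quoting used here, since colon-separated digits are a value some YAML loaders retype.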
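Review bot: In host_vars/file-mbr.mbr-bln.netz.yml, `sshd_max_auth_tries: 6` doubles the attempts allowed per connection on a host whose context lines in the same hunk set `sshd_permit_root_login` and `sshd_password_authentication` to "yes", so root stays reachable by password under the weaker limit. If the override exists because clients offer several keys before the right one (each offered key counts toward MaxAuthTries), setting `IdentitiesOnly yes` on the client keeps the group default of 3. If 6 has to stay, record why next to it, e.g. `# 6: <reason> - root password login is enabled on this host`. Consider `prohibit-password` for root as well, provided the template passes that value through unchanged, which this diff does not show.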
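Review bot: The three directives in sshd_config.j2 now render whatever the inventory supplies, and nothing in the template checks that `sshd_max_auth_tries` and `sshd_max_sessions` are integers or that `sshd_max_startups` has the `start:rate:full` shape. A typo in a host_vars override would produce a config that sshd refuses to load, which on a remote host can mean losing SSH access after the restart. The task that deploys this template is outside the diff; if it does not already do so, it should pass `validate: '/usr/sbin/sshd -t -f %s'` so a bad render is rejected before it replaces the live file.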