1. Upgrade to OpenSSH 9.8p1, which was released today. Note that this upgrade might not be straightforward as common package managers like apt do not yet provide this version.
2. As suggested [here](https://ubuntu.com/security/CVE-2024-6387), set `LoginGraceTime 0` in `/etc/ssh/sshd_config`. This makes sshd vulnerable to a denial of service (exhaustion of all `MaxStartups` connections) but protects against this vulnerability.
3. Apply the patch to your OpenSSH server as outlined [here](https://marc.info/?l=oss-security&m=171982317624594&w=2), although this may be challenging for most users.
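
For the workaround in item 2, a check that the setting actually takes effect, written as an added example (not part of the original page). sshd uses the first value it obtains for each keyword, so a `LoginGraceTime 0` appended below an earlier setting is ignored; the function names and the sample file are assumptions made for this sketch, and `Include` files are not followed.

```shell
#!/bin/sh
# Added example: report the LoginGraceTime that sshd would actually use.
# sshd_config(5): for each keyword, the first obtained value is used.

# effective_grace FILE -> prints the first LoginGraceTime value in FILE,
# or 120 (the documented default, in seconds) if the keyword is absent.
# Assumption of this sketch: Include directives are not followed. On a live
# host, run it over the output of "sshd -T", which resolves them.
effective_grace() {
    awk '
        { sub(/#.*/, "") }                              # drop comments
        { line = $0; sub(/^[ \t]+/, "", line) }         # drop leading blanks
        tolower(line) ~ /^logingracetime[ \t=]/ {
            sub(/^[^ \t=]+[ \t]*=?[ \t]*/, "", line)    # strip keyword, separator
            sub(/[ \t]+$/, "", line)                    # strip trailing blanks
            print line; found = 1; exit
        }
        END { if (!found) print "120" }
    ' "$1"
}

# grace_mitigated FILE -> exit status 0 only if the effective value is zero
# (0, 0s, 0m, ... all disable the grace timer, which is the workaround).
grace_mitigated() {
    case "$(effective_grace "$1")" in
        0|0[sSmMhHdDwW]) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample: the appended "0" is shadowed by the earlier "2m".
sample=$(mktemp)
printf '%s\n' '# constructed sample config' \
    'LoginGraceTime 2m' 'MaxStartups 10:30:100' 'LoginGraceTime 0' > "$sample"
if grace_mitigated "$sample"; then
    echo "workaround active"
else
    echo "workaround NOT active: effective LoginGraceTime is $(effective_grace "$sample")"
fi
rm -f "$sample"
```

After editing the file, sshd must be restarted or reloaded before the new value applies to incoming connections.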