diff --git a/go.mod b/go.mod index 1fc9f41..2ebfa10 100644 --- a/go.mod +++ b/go.mod @@ -4,6 +4,7 @@ go 1.16 require ( github.com/gofrs/uuid v4.0.0+incompatible + github.com/onsi/gomega v1.19.0 github.com/stretchr/testify v1.7.0 golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a ) diff --git a/go.sum b/go.sum index 1607b45..ccedf9f 100644 --- a/go.sum +++ b/go.sum 
@@ -1,22 +1,114 @@ -github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8= +github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= +github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= +github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= +github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= +github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= +github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= +github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/gofrs/uuid v4.0.0+incompatible h1:1SD/1F5pU8p29ybwgQSwpQk+mwdRrXCYuPhW6m+TnJw= github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM= +github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= +github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= +github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= +github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= +github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= +github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= +github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= +github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= 
+github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= +github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= +github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= +github.com/google/pprof v0.0.0-20210407192527-94a9f03dee38/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= +github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= +github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= +github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= +github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE= +github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk= +github.com/onsi/ginkgo v1.16.4 h1:29JGrr5oVBm5ulCWet69zQkzWipVXIol6ygQUe/EzNc= +github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0= +github.com/onsi/ginkgo/v2 v2.1.3 h1:e/3Cwtogj0HA+25nMP1jCMDIf8RtRYbGwGGuBIFztkc= +github.com/onsi/ginkgo/v2 v2.1.3/go.mod h1:vw5CSIxN1JObi/U8gcbwft7ZxR2dgaR70JSE3/PpL4c= +github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= +github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= +github.com/onsi/gomega v1.17.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= +github.com/onsi/gomega v1.19.0 h1:4ieX6qQjPP/BfC3mpsAtIGGlxTWPeA3Inl/7DtXw1tw= +github.com/onsi/gomega v1.19.0/go.mod h1:LY+I3pBVzYsTBU1AnDwOSxaYi9WoWiqgwooUqq9yPro= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib 
v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= +github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= +github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= +golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= +golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= +golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= +golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= +golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= +golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= +golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68 h1:nxC68pudNYkKU6jWhgrqdreuFiOQWj1Fs7T3VrH4Pjw= +golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= 
+golang.org/x/net v0.0.0-20220225172249-27dd8689420f h1:oA4XRj0qtSt8Yo1Zms0CUlsT3KG69V2UGQWPBxujDmc= +golang.org/x/net v0.0.0-20220225172249-27dd8689420f/go.mod h1:CfG3xpIq0wQ8r1q4Su4UZFWDARRcnwPjda9FqA0JpMk= +golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= +golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= +golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod 
h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e h1:fLOSk5Q00efkSvAm+4xcoXD+RRmLmmulPn5I3Y9F2EM= +golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211 h1:JGgROgKl9N8DuW20oFS5gxc+lE67/N3FcwmBPMe7ArY= +golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= +golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= +golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk= +golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= +golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= +golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= +golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= +google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= +google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= 
+google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= +google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= +google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= +google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= +google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= +google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= +gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= +gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= +gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/ssh.go b/ssh.go index 8ce4be3..6d765f6 100644 --- a/ssh.go +++ b/ssh.go @@ -12,10 +12,13 @@ import ( "io/ioutil" "log" "net" + "net/url" "os" "os/exec" "path/filepath" "strings" + "sync" + "time" "golang.org/x/crypto/ssh" ) 
@@ -35,21 +38,32 @@ type PublicKey struct { type SSH struct { listener net.Listener - sshconfig *ssh.ServerConfig - config *Config - PublicKeyLookupFunc func(string) (*PublicKey, error) + sshConfig *ssh.ServerConfig + gitConfig *Config + // Timeout, if set will close the connection after the given duration + Timeout *time.Duration + // DisableConnReuse, if true will disable a reuse of ssh connection in a later session. + DisableConnReuse bool + // DisableSimultaneousConns, if true will disable simultaneous conns from the same host. + DisableSimultaneousConns bool + PublicKeyLookupFunc func(string) (*PublicKey, error) } func NewSSH(config Config) *SSH { - s := &SSH{config: &config} + s := &SSH{gitConfig: &config} // Use PATH if full path is not specified - if s.config.GitPath == "" { - s.config.GitPath = "git" + if s.gitConfig.GitPath == "" { + s.gitConfig.GitPath = "git" } return s } +// Sets the sshConfig of SSH to the given ssh.ServerConfig +func (s *SSH) SetSSHConfig(config *ssh.ServerConfig) { + s.sshConfig = config +} + func fileExists(path string) bool { _, err := os.Stat(path) return err == nil || os.IsExist(err) @@ -80,7 +94,7 @@ func execCommand(cmdname string, args ...string) (string, string, error) { return string(bufOut), string(bufErr), err } -func (s *SSH) handleConnection(keyID string, chans <-chan ssh.NewChannel) { +func (s *SSH) handleConnection(keyID string, chans <-chan ssh.NewChannel, sConn *ssh.ServerConn) { for newChan := range chans { if newChan.ChannelType() != "session" { newChan.Reject(ssh.UnknownChannelType, "unknown channel type") 
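Review bot: The comment on `Timeout` in the `SSH` struct does not say what the duration is measured from. The Serve hunk later in this commit implements it as a hard lifetime from accept (`time.Sleep(*s.Timeout)` followed by `conn.Close()`), not as an idle timeout, so a long clone or push is cut off mid-transfer. I would state that in the field comment, e.g. `// Timeout, if set, is the maximum lifetime of a connection measured from accept; the connection is closed when it elapses even if a transfer is still running.` The new method's comment should open with the method name and say when it takes effect, since `setup()` is what reads the value: `// SetSSHConfig sets the ssh.ServerConfig the server starts from; call it before the server is set up.`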
@@ -96,6 +110,27 @@ func (s *SSH) handleConnection(keyID string, chans <-chan ssh.NewChannel) { go func(in <-chan *ssh.Request) { defer ch.Close() + defer func() { + if s.DisableConnReuse { + err := sConn.Close() + if err != nil { + log.Println("err while closing:", err) + } + } + if s.DisableSimultaneousConns { + host, _ := getHost(sConn.RemoteAddr().String()) + mux.Lock() + defer mux.Unlock() + log.Println("disable simultaneous conns") + for i, connHost := range connHosts { + if host == connHost { + connHosts[i] = connHosts[len(connHosts)-1] + connHosts = connHosts[:len(connHosts)-1] + } + } + } + }() + for req := range in { payload := cleanCommand(string(req.Payload)) @@ -137,8 +172,8 @@ func (s *SSH) handleConnection(keyID string, chans <-chan ssh.NewChannel) { return } - if !repoExists(filepath.Join(s.config.Dir, gitcmd.Repo)) && s.config.AutoCreate == true { - err := initRepo(gitcmd.Repo, s.config) + if !repoExists(filepath.Join(s.gitConfig.Dir, gitcmd.Repo)) && s.gitConfig.AutoCreate == true { + err := initRepo(gitcmd.Repo, s.gitConfig) if err != nil { logError("repo-init", err) return @@ -146,7 +181,7 @@ func (s *SSH) handleConnection(keyID string, chans <-chan ssh.NewChannel) { } cmd := exec.Command(gitcmd.Command, gitcmd.Repo) - cmd.Dir = s.config.Dir + cmd.Dir = s.gitConfig.Dir cmd.Env = append(os.Environ(), "GITKIT_KEY="+keyID) // cmd.Env = append(os.Environ(), "SSH_ORIGINAL_COMMAND="+cmdName) @@ -190,13 +225,17 @@ func (s *SSH) handleConnection(keyID string, chans <-chan ssh.NewChannel) { log.Println("ssh: unsupported req type:", req.Type) return } + if s.DisableConnReuse { + log.Println("dispose connection") + break + } } }(reqs) } } func (s *SSH) createServerKey() error { - if err := os.MkdirAll(s.config.KeyDir, os.ModePerm); err != nil { + if err := os.MkdirAll(s.gitConfig.KeyDir, os.ModePerm); err != nil { return err } 
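Review bot: The host entry that `Serve` appends to `connHosts` at accept time is released only in this deferred function, which runs per session channel, so a connection that never opens a session never releases it. The `GitUser` mismatch path in `Serve` returns before `handleConnection` is called, and the handshake-error path appears to do the same; after either, that host stays listed and every later connection from it is closed at accept. The release belongs with the connection, not the channel, for example in `Serve`'s handshake goroutine on the error paths and after `sConn.Wait()` returns. The removal loop also needs a `break` after `connHosts = connHosts[:len(connHosts)-1]`, because it keeps indexing with the old length once the slice has shrunk, and the `getHost` error is dropped here with `host, _ :=`. The enclosing goroutine body continues outside the hunk.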
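Review bot: The `break` added at the bottom of the `for req := range in` loop fires after the first request that reaches the end of the switch, whatever its type, and the deferred function then closes the whole connection. The switch cases are outside this hunk, so it cannot be seen here which of them fall through without returning. If any request type that precedes `exec` does (an `env` request, for instance), the session would be torn down before the git command runs. Tying the exit to the command having run makes the intent explicit, e.g. `if s.DisableConnReuse && req.Type == "exec" {`, and a one-line comment on why the loop is left here would say more than the `dispose connection` log line.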
@@ -205,12 +244,12 @@ func (s *SSH) createServerKey() error { return err } - privateKeyFile, err := os.Create(s.config.KeyPath()) + privateKeyFile, err := os.Create(s.gitConfig.KeyPath()) if err != nil { return err } - if err := os.Chmod(s.config.KeyPath(), 0600); err != nil { + if err := os.Chmod(s.gitConfig.KeyPath(), 0600); err != nil { return err } defer privateKeyFile.Close() @@ -222,7 +261,7 @@ func (s *SSH) createServerKey() error { return err } - pubKeyPath := s.config.KeyPath() + ".pub" + pubKeyPath := s.gitConfig.KeyPath() + ".pub" pub, err := ssh.NewPublicKey(&privateKey.PublicKey) if err != nil { return err @@ -231,15 +270,19 @@ func (s *SSH) createServerKey() error { } func (s *SSH) setup() error { - config := &ssh.ServerConfig{ - ServerVersion: fmt.Sprintf("SSH-2.0-gitkit %s", Version), + var config *ssh.ServerConfig + if s.sshConfig != nil { + config = s.sshConfig + } else { + config = &ssh.ServerConfig{} } + config.ServerVersion = fmt.Sprintf("SSH-2.0-gitkit %s", Version) - if s.config.KeyDir == "" { + if s.gitConfig.KeyDir == "" { return fmt.Errorf("key directory is not provided") } - if !s.config.Auth { + if !s.gitConfig.Auth { config.NoClientAuth = true } else { if s.PublicKeyLookupFunc == nil { @@ -260,7 +303,7 @@ func (s *SSH) setup() error { } } - keypath := s.config.KeyPath() + keypath := s.gitConfig.KeyPath() if !fileExists(keypath) { if err := s.createServerKey(); err != nil { return err @@ -278,7 +321,7 @@ func (s *SSH) setup() error { } config.AddHostKey(private) - s.sshconfig = config + s.sshConfig = config return nil } @@ -291,7 +334,7 @@ func (s *SSH) Listen(bind string) error { return err } - if err := s.config.Setup(); err != nil { + if err := s.gitConfig.Setup(); err != nil { return err } 
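Review bot: In the `setup` hunk, a caller-supplied config still gets `config.NoClientAuth = true` whenever `gitConfig.Auth` is false, so any authentication callbacks the caller placed on the struct passed to `SetSSHConfig` can be sidestepped by a client requesting the `none` method. Either leave the auth fields untouched when `s.sshConfig != nil`, or document on `SetSSHConfig` that `ServerVersion`, `NoClientAuth` and whatever the `else` branch outside this hunk sets are overwritten from `Config`. `setup` also writes into the caller's struct instead of a copy (`config = s.sshConfig`), so the same `ssh.ServerConfig` shared between two servers would be modified by both; that deserves a comment at the assignment. The function body continues outside the hunk.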
@@ -304,6 +347,24 @@ func (s *SSH) Listen(bind string) error { return nil } +var mux sync.Mutex +var connHosts []string + +func getHost(addr string) (string, error) { + if !strings.HasPrefix(addr, "ssh://") { + addr = "ssh://" + addr + } + u, err := url.Parse(addr) + if err != nil { + return "", err + } + host, _, err := net.SplitHostPort(u.Host) + if err != nil { + return "", err + } + return host, nil +} + func (s *SSH) Serve() error { if s.listener == nil { return ErrNoListener @@ -316,10 +377,40 @@ func (s *SSH) Serve() error { return err } + if s.DisableSimultaneousConns { + mux.Lock() + defer mux.Unlock() + host, _ := getHost(conn.RemoteAddr().String()) + var matched bool + for _, connHost := range connHosts { + if host == connHost { + log.Println("can't have two multiple simultaneous connections from the same client") + err := conn.Close() + if err != nil { + log.Println("err while closing:", err) + } + matched = true + break + } + } + if !matched { + connHosts = append(connHosts, host) + } else { + continue + } + } + + if s.Timeout != nil { + go func(conn net.Conn) { + time.Sleep(*s.Timeout) + conn.Close() + }(conn) + } + go func() { log.Printf("ssh: handshaking for %s", conn.RemoteAddr()) - sConn, chans, reqs, err := ssh.NewServerConn(conn, s.sshconfig) + sConn, chans, reqs, err := ssh.NewServerConn(conn, s.sshConfig) if err != nil { if err == io.EOF { log.Printf("ssh: handshaking was terminated: %v", err) @@ -331,7 +422,7 @@ func (s *SSH) Serve() error { log.Printf("ssh: connection from %s (%s)", sConn.RemoteAddr(), sConn.ClientVersion()) - if s.config.Auth && s.config.GitUser != "" && sConn.User() != s.config.GitUser { + if s.gitConfig.Auth && s.gitConfig.GitUser != "" && sConn.User() != s.gitConfig.GitUser { sConn.Close() return } @@ -342,7 +433,7 @@ func (s *SSH) Serve() error { } go ssh.DiscardRequests(reqs) - go s.handleConnection(keyId, chans) + go s.handleConnection(keyId, chans, sConn) }() } } 
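Review bot: `mux` and `connHosts` are package-level, so every `SSH` value in the process shares one host list, and the list is keyed on the peer IP alone, which means all clients behind one NAT or proxy address count as the same client once `DisableSimultaneousConns` is on. Making both of them fields of `SSH` keeps the state per server, and the keying deserves a sentence in the `DisableSimultaneousConns` doc comment. `getHost` can also drop the `ssh://` prefix and the `url.Parse` step: its input is a `net.Addr` string, so `host, _, err := net.SplitHostPort(addr)` is enough and avoids applying URL-escaping rules to a peer address (an IPv6 zone such as `%eth0` may fail to parse as a URL host).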
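Review bot: `defer mux.Unlock()` in the `DisableSimultaneousConns` block of `Serve` runs when `Serve` returns, not at the end of the loop iteration, so the mutex is still held when the next connection is accepted and `mux.Lock()` blocks for good. With the option enabled the listener stops serving after the first client, and the cleanup in `handleConnection` that takes the same lock hangs as well. The lock should be released explicitly before the loop continues, and a `getHost` error should reject the connection instead of registering an empty host; the fence shows the block rewritten that way. Separately, the `Timeout` goroutine sleeps for the full duration even after the connection has ended, and `conn.SetDeadline(time.Now().Add(*s.Timeout))` would give a similar cut-off without the extra goroutine. The accept loop starts and ends outside this hunk.

```go
if s.DisableSimultaneousConns {
	host, err := getHost(conn.RemoteAddr().String())
	if err != nil {
		log.Println("ssh: cannot determine remote host:", err)
		conn.Close()
		continue
	}

	mux.Lock()
	matched := false
	for _, connHost := range connHosts {
		if host == connHost {
			matched = true
			break
		}
	}
	if !matched {
		connHosts = append(connHosts, host)
	}
	// Unlock here, not with defer: a defer would only run when Serve returns.
	mux.Unlock()

	if matched {
		log.Println("can't have two multiple simultaneous connections from the same client")
		if err := conn.Close(); err != nil {
			log.Println("err while closing:", err)
		}
		continue
	}
}
// … unchanged: Timeout goroutine and handshake goroutine …
```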
diff --git a/ssh_test.go b/ssh_test.go
new file mode 100644
index 0000000..e18eb1c
--- /dev/null
+++ b/ssh_test.go
@@ -0,0 +1,173 @@ +/* +Copyright 2022 The Flux authors + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package gitkit + +import ( + "math/rand" + "net" + "os" + "os/exec" + "path/filepath" + "strings" + "testing" + "time" + + . "github.com/onsi/gomega" +) + +func TestListenAndServe(t *testing.T) { + tests := []struct { + name string + serverFunc func(repo, keyDir string) *SSH + err bool + }{ + { + name: "default ssh server", + serverFunc: func(repo, keyDir string) *SSH { + server := NewSSH(Config{ + Dir: filepath.Dir(repo), + KeyDir: keyDir, + }) + + server.PublicKeyLookupFunc = func(s string) (*PublicKey, error) { + return &PublicKey{Id: "12345"}, nil + } + return server + }, + }, + { + name: "ssh server times out", + serverFunc: func(repo, keyDir string) *SSH { + server := NewSSH(Config{ + Dir: filepath.Dir(repo), + KeyDir: keyDir, + }) + + server.PublicKeyLookupFunc = func(s string) (*PublicKey, error) { + return &PublicKey{Id: "12345"}, nil + } + timeout := time.Nanosecond * 1 + server.Timeout = &timeout + return server + }, + err: true, + }, + } + + repo, err := createRepo() + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(repo) + keyDir, err := os.MkdirTemp("", "key-dir") + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(keyDir) + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + g := NewWithT(t) + server := tt.serverFunc(repo, keyDir) + defer server.Stop() + + go func() { + server.ListenAndServe(":2222") + }() + + cloned, err := 
os.MkdirTemp("", "cloned") + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(cloned) + + if err = retry(10, time.Second*1, func() error { + _, err := net.Dial("tcp", "localhost:2222") + return err + }); err != nil { + t.Fatal(err) + } + + cmd := exec.Command("git", "clone", "ssh://git@localhost:2222/"+filepath.Base(repo)) + cmd.Dir = cloned + cmd.Env = []string{"GIT_SSH_COMMAND=ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no"} + + e := new(strings.Builder) + cmd.Stderr = e + err = cmd.Start() + if err != nil { + panic(err) + } + err = cmd.Wait() + + g.Expect(err != nil).To(Equal(tt.err)) + _, err = os.Stat(filepath.Join(cloned, filepath.Base(repo))) + if !tt.err { + g.Expect(err).ToNot(HaveOccurred()) + } + }) + } + +} + +func createRepo() (string, error) { + repo, err := os.MkdirTemp("", "ssh-test") + if err != nil { + return "", err + } + + // init git + cmd := exec.Command("git", "init") + cmd.Dir = repo + if _, err = cmd.Output(); err != nil { + return "", err + } + if err = os.WriteFile(filepath.Join(repo, "homework"), []byte("all done"), 0644); err != nil { + return "", err + } + + cmd = exec.Command("git", "add", ".") + cmd.Dir = repo + + if _, err := cmd.Output(); err != nil { + return "", err + } + + cmd = exec.Command("git", "commit", "-m", "add homework") + cmd.Dir = repo + + if _, err := cmd.Output(); err != nil { + return "", err + } + return repo, nil +} + +func retry(attempts int, sleep time.Duration, f func() error) error { + if err := f(); err != nil { + if attempts--; attempts > 0 { + // Add some randomness to prevent creating a Thundering Herd + jitter := time.Duration(rand.Int63n(int64(sleep))) + sleep = sleep + jitter/2 + + time.Sleep(sleep) + return retry(attempts, 2*sleep, f) + } + return err + } + + return nil +}
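Review bot: `server.ListenAndServe(":2222")` binds the test server on every interface, and neither table case sets `Auth` in `Config`, so for the length of the test run an unauthenticated git endpoint is reachable from the network; `server.ListenAndServe("127.0.0.1:2222")` keeps it local. The readiness probe discards the connection returned by `net.Dial` without closing it, which can leave several sockets open against the server under test, and `panic(err)` after `cmd.Start()` should be `t.Fatal(err)` like the other failures. Neither `DisableConnReuse` nor `DisableSimultaneousConns` has a case in the table, so the locking added to `Serve` and `handleConnection` is not exercised. A case that makes two sequential clones with `DisableSimultaneousConns` set would cover the accept-loop locking.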