Ssh Server Rate-Limit - Cisco NCS 5000 Series Manual

Secure Shell Commands

ssh server rate-limit

To limit the number of incoming Secure Shell (SSH) connection requests allowed per minute, use the ssh
server rate-limit command. To return to the default value, use the no form of this command.
ssh server rate-limit rate-limit
no ssh server rate-limit
Syntax Description
rate-limit
Command Default
rate-limit: 60 connection requests per minute
Command Modes
XR Config mode
Command History
Release
Release 6.0
Usage Guidelines
Use the ssh server rate-limit command to limit the incoming SSH connection requests to the configured rate.
Any connection request beyond the rate limit is rejected by the SSH server. Changing the rate limit does not
affect established SSH sessions.
If, for example, the rate-limit argument is set to 30, then 30 requests are allowed per minute, or more precisely,
a two-second interval between connections is enforced.
Task ID
Task ID
crypto
Examples The following example shows how to set the limit of incoming SSH connection requests to 20 per minute:
RP/0/RP0/CPU0:router# configure
RP/0/RP0/CPU0:router(config)# ssh server rate-limit 20
Number of incoming SSH connection requests allowed per minute. Range is from 1 to 120.
When setting it to 60 attempts per minute, it basically means that we can only allow 1 per
second. If you set up 2 sessions at the same time from 2 different consoles, one of them will
get rate limited. This is connection attempts to the ssh server, not bound per interface/username
or anything like that. So value of 30 means 1 session per 2 seconds and so forth.
System Security Command Reference for Cisco NCS 5000 Series Routers
Modification
This command was introduced.
Operations
read, write
ssh server rate-limit
173