Description
Use the ssh client first-time enable command to enable the client to run first-time authentication for
the SSH server it accesses for the first time.
Use the undo ssh client first-time command to disable the client from running first-time
authentication.
By default, the client is enabled to run first-time authentication.
Note that:
With first-time authentication enabled, an SSH client that is not configured with the server's host
public key can continue accessing the server when it accesses the server for the first time. The
SSH server sends its host public key to the client automatically, and the client saves the key for use
in subsequent authentications. In this mode, the client cannot ensure the correctness of the SSH
server's host public key.
With first-time authentication disabled, you must configure the server's host public key and specify
the public key name for authentication on the client in advance.
For details about first-time authentication, refer to corresponding section in SSH Operation.
Examples
# Disable the client to run first-time authentication on an SSH client.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] undo ssh client first-time
ssh server authentication-retries
Syntax
ssh server authentication-retries times
undo ssh server authentication-retries
View
System view
Parameters
times: Authentication retry times, in the range of 1 to 5.
Description
Use the ssh server authentication-retries command to set the authentication retry times for SSH
connections. This configuration will take effect for all users logging in later.
Use the undo ssh server authentication-retries command to restore the default authentication retry
times.
By default, the number of authentication retry times is 3.
1-23