To do...
Set the SSH user authentication
timeout period
Set the maximum number of SSH
authentication attempts
NOTE:
Authentication will fail if the number of authentication attempts—including both publickey and password
authentication—exceeds that specified in the ssh server authentication-retries command.
Configuring the device as an SSH client
SSH client configuration task list
Complete the following tasks to configure an SSH client:
Task
Specifying a source IP address/interface for the SSH client
Configuring whether first-time authentication is supported
Establishing a connection between the SSH client and server
Specifying a source IP address/interface for the SSH client
This configuration task allows you to specify a source IP address or interface for the client to access the
SSH server, improving service manageability.
Follow these steps to specify a source IP address or interface for the client:
To do...
Enter system view
Specify a source IP
address or interface
for the SSH client
Configuring whether first-time authentication is supported
When the device connects to the SSH server as an SSH client, you can configure whether the device
supports first-time authentication.
With first-time authentication, when an SSH client not configured with the server host public key
•
accesses the server for the first time, the user can continue accessing the server, and save the host
Use the command...
ssh server authentication-timeout
time-out-value
ssh server authentication-retries
times
Use the command...
system-view
•
Specify a source IPv4 address or interface for the SSH
client:
ssh client source { ip ip-address | interface
interface-type interface-number }
•
Specify a source IPv6 address or interface for the SSH
client:
ssh client ipv6 source { ipv6 ipv6-address | interface
interface-type interface-number }
250
Remarks
Optional
60 seconds by default
Optional
3 by default
Remarks
Optional
Optional
Required
Remarks
—
Required
Select either approach
By default, an SSH client
uses the IP address of the
interface specified by the
route of the device to
access the SSH server.