Views
System view
Predefined user roles
network-admin
Parameters
times: Specifies the maximum number of authentication attempts for SSH users, in the range of 1 to 5.
Usage guidelines
You can set this limit to prevent malicious hacking of usernames and passwords.
This configuration takes effect only on the users at next login.
If the authentication method of an SSH user is any authentication, the total number of authentication
attempts (including both publickey and password authentication attempts) must not exceed the upper
limit configured by the ssh server authentication-retries command. Otherwise, the authentication fails.
If the authentication method of an SSH user is password-publickey, the server first uses publickey
authentication, and then uses password authentication to authenticate the SSH user. The process is
considered one authentication attempt.
Examples
# Set the maximum number of authentication attempts for SSH users to 4.
<Sysname> system-view
[Sysname] ssh server authentication-retries 4
Related commands
display ssh server
ssh server authentication-timeout
Use ssh server authentication-timeout to set the SSH user authentication timeout timer on the SSH server.
Use undo ssh server authentication-timeout to restore the default.
Syntax
ssh server authentication-timeout time-out-value
undo ssh server authentication-timeout
Default
The authentication timeout timer is 60 seconds.
Views
System view
Predefined user roles
network-admin
Parameters
time-out-value: Specifies an authentication timeout timer in the range of 1 to 120 seconds.
183