Setting the SSH
Management
Parameters
Configuring the
Device as an SSH
Client
SSH Client Configuration
Task List
After login, the commands available for a user are determined by the user
■
privilege level, which is configured with the user privilege level command on
the user interface. By default, the command privilege level is 0.
For users using password authentication:
You can configure the accounting information either on the device or on the
■
remote authentication server (such as RADIUS authentication server).
After login, the commands available to a user are determined by AAA
■
authorization.
SSH management includes:
Enabling the SSH server to be compatible with SSH1
■
Setting the server key pair update interval, applicable to users using SSH1
■
client.
Setting the SSH user authentication timeout period
■
Setting the maximum number of SSH authentication attempts
■
Setting the above parameters can help avoid malicious guess at and cracking of
the keys and usernames, securing your SSH connections.
Follow these steps to set the SSH management parameters:
To do...
Enter system view
Enable the SSH server to work
with SSH1.x clients
Set the RSA server key pair
update interval
Set the SSH user
authentication timeout period
Set the maximum number of
SSH authentication attempts
n
Authentication will fail if the number of authentication attempts (including both
publickey and password authentication) exceeds that specified in the ssh server
authentication-retries command.
Complete the following tasks to configure an SSH client:
Configuring the Device as an SSH Client
Use the command...
system-view
ssh server
compatible-ssh1x enable
ssh server rekey-interval
hours
ssh server
authentication-timeout
time-out-value
ssh server
authentication-retries times
1115
Remarks
-
Optional
By default, the SSH server can
work with SSH1.x clients.
Optional
0 by default, that is, the RSA
server key pair is not updated.
Optional
60 seconds by default
Optional
3 by default