Setting The Ssh Management Parameters - H3C S5500-EI series Operation Manual

Operation Manual – SSH
H3C S5500-EI Series Ethernet Switches
Note:
For users using publickey authentication:
You must configure on the device the corresponding username and public keys.
After login, the commands available for a user are determined by the user privilege
level, which is configured with the user privilege level command on the user
interface. By default, the command privilege level is 0.
For users using password authentication:
You can configure the accounting information either on the device or on the remote
authentication server (such as RADIUS authentication server).
After login, the commands available to a user are determined by AAA authorization.

1.2.7 Setting the SSH Management Parameters

SSH management includes:
Enabling the SSH server to be compatible with SSH1
Setting the server key pair update interval, applicable to users using SSH1 client.
Setting the SSH user authentication timeout period
Setting the maximum number of SSH authentication attempts
Setting the above parameters can help avoid malicious guess at and cracking of the
keys and usernames, securing your SSH connections.
Follow these steps to set the SSH management parameters:
Enter system view
Enable the SSH server to
work with SSH1.x clients
Set the RSA server key
pair update interval
Set the SSH user
authentication timeout
period
Set the maximum number
of SSH authentication
attempts
To do...
system-view
ssh server
compatible-ssh1x
enable
ssh server
rekey-interval hours
ssh server
authentication-timeout
time-out-value
ssh server
authentication-retries
times
Use the command...
1-12
Chapter 1 SSH Configuration
Remarks
—
Optional
By default, the SSH
server can work with
SSH1.x clients.
Optional
0 by default, that is, the
RSA server key pair is not
updated.
Optional
60 seconds by default
Optional
3 by default