ssh server authentication-retries

Use ssh server authentication-retries to set the maximum number of authentication attempts for SSH users.

Use undo ssh server authentication-retries to restore the default.

Syntax

ssh server authentication-retries retries

undo ssh server authentication-retries

Default

The maximum number of authentication attempts is 3 for SSH users.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

retries: Specifies the maximum number of authentication attempts for SSH users, in the range of 1 to 5.

Usage guidelines

Setting the maximum number of authentication attempts prevents malicious hacking of usernames and passwords.

If the total number of authentication attempts exceeds the upper limit specified in this command, further authentication is not allowed.

• For any authentication, an authentication attempt is a publickey or password authentication process.

• For password-publickey authentication, an authentication attempt contains both a publickey authentication process and a password authentication process. The server first uses publickey authentication, and then uses password authentication to authenticate the SSH user.

This configuration does not affect logged-in users. It affects only users that attempt to log in after the configuration.

Examples

# Set the maximum number of authentication attempts to 4 for SSH users.

<Sysname> system-view
[Sysname] ssh server authentication-retries 4

Related commands

display ssh server