R2511-HP MSR Router Series Security Command Reference(V5)
418
Default command level
3: Manage level
Parameters
times: Specifies the maximum number of authentication attempts, in the range of 1 to 5.
Usage guidelines
You can set this limit to prevent malicious hacking of usernames and passwords.
This configuration takes effect only on the users at next login.
Authentication fails if the number of authentication attempts (including both publickey and password
authentication) exceeds the upper limit configured by this command.
If the authentication method is password-publickey, the server first uses publickey authentication, and
then uses password authentication to authenticate SSH users. The process is considered one
authentication attempt.
Examples
# Set the maximum number of SSH connection authentication attempts to 4.
<Sysname> system-view
[Sysname] ssh server authentication-retries 4
Related commands
display ssh server
ssh server authentication-timeout
Use ssh server authentication-timeout to set the SSH user authentication timeout timer on the SSH server.
Use undo ssh server authentication-timeout to restore the default.
Syntax
ssh server authentication-timeout time-out-value
undo ssh server authentication-timeout
Default
The authentication timeout timer is 60 seconds.
Views
System view
Default command level
3: Manage level
Parameters
time-out-value: Specifies an authentication timeout timer in the range of 1 to 120 seconds.
Usage guidelines
If a user does not finish the authentication when the timeout timer expires, the connection cannot be
established.
You can set a small value for this timer to prevent malicious occupation of TCP connections.