Configuring the device as an ssh client, Ssh client configuration task list – H3C Technologies H3C SecPath F1000-E User Manual

9

•

Setting the maximum number of SSH authentication attempts

Setting the above parameters can help avoid malicious guess at and cracking of the keys and usernames,

securing your SSH connections.
Follow these steps to set the SSH management parameters:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enable the SSH server to support
SSH1 clients

ssh server compatible-ssh1x
enable

Optional
By default, the SSH server supports
SSH1 clients.

Set the RSA server key pair update
interval

ssh server rekey-interval
hours

Optional
0 by default, that is, the RSA server
key pair is not updated.

Set the SSH user authentication

timeout period

ssh server
authentication-timeout

time-out-value

Optional
60 seconds by default

Set the maximum number of SSH
authentication attempts

ssh server
authentication-retries times

Optional
3 by default

NOTE:

Authentication will fail if the number of authentication attempts (including both publickey and password
authentication) exceeds that specified in the ssh server authentication-retries command.

Configuring the Device as an SSH Client

SSH Client Configuration Task List

Complete the following tasks to configure an SSH client:

Task Remarks

Specifying a Source IP address/Interface for the SSH
Client

Optional

Configuring Whether First-time Authentication is
Supported

Optional

Establishing a Connection Between the SSH Client
and the Server

Required

Specifying a Source IP address/Interface for the SSH Client

This configuration task allows you to specify a source IP address or interface for the client to access the

SSH server, improving service manageability.

To do…

Use the command…

Remarks

Enter system view

system-view

—