278
Ste
Command
Remarks
4. Set the SSH user
authentication timeout period.
ssh server authentication-timeout
time-out-value
The default setting is 60 seconds.
If a user does not finish the
authentication when the timeout
timer expires, the connection
cannot be established.
5. Set the maximum number of
SSH authentication attempts.
ssh server authentication-retries
times
The default setting is 3.
If the authentication method is any,
the total number of publickey
authentication attempts and
password authentication attempts
cannot exceed the upper limit.
6. Specify an ACL to control SSH
user connections.
• Control IPv4 SSH user
connections:
ssh server acl acl-number
• Control IPv6 SSH user
connections:
ssh server ipv6 acl [ ipv6 ]
acl-number
By default, no ACLs are specified
and all SSH users can initiate SSH
connections to the server.
7. Set the DSCP value in the
packets that the SSH server
sends to SSH clients.
• Set the DSCP value in IPv4
packets:
ssh server dscp dscp-value
• Set the DSCP value in IPv6
packets:
ssh server ipv6 dscp dscp-value
The default setting is 48.
The DSCP value of a packet
defines the priority of the packet
and affects the transmission
priority of the packet. A bigger
DSCP value represents a higher
priority.
8. Configure the SFTP
connection idle timeout
period.
sftp server idle-timeout
time-out-value
The default setting is 10 minutes.
When the idle timeout timer
expires, the system automatically
tears the connection down.
9. Specify the maximum number
of concurrent online SSH
users.
aaa session-limit ssh max-sessions
The default setting is 16.
When the number of online SSH
users reaches the upper limit, the
system denies new SSH connection
requests.
Changing the upper limit does not
affect online SSH users.
Configuring the device as an Stelnet client
Stelnet client configuration task list
Tasks at a
lance
(Optional.) Specifying the source IP address for SSH packets
(Required.) Establishing a connection to an Stelnet server