User's Manual
71
In global configuration mode, the following command can be used to configure the authentication timeout.
Command Purpose
ip sshd timeout <60-65535> Configure the authentication timeout time.
6.2.4 Configuring the Authentication Retry Times
If the times for failed authentications exceed the maximum times, SSH server will not allow you to retry
authentication and the system enters the silent period. The maximum times for retrying authentication is 6 by
default.
In global configuration mode, the following command can be used to configure the authentication retry times.
Command Purpose
ip sshd auth-retries <0-65535> Configures the authentication retry times.
6.2.5 Configuring the Login Silence Period
The system enters in the silent period when the authentication retry times exceed the threshold. The silence
period is 60s by default.
In global configuration mode, the following command can be used to configure the silence period.
Command Purpose
ip sshd silence-period <0-3600> Configures the login silence period
6.2.6 Enabling Encryption Key Saving Function
Enable ssh server and the initial encryption key needs to be calculated. The process may take one to two
minutes. When enabling the encryption key saving function, the initial encryption key is saved in the flash.
When enabling ssh server in a second time, the encryption key will be read first.
sftp function is disabled by default. Use the following command to enable sftp function in global configuration
mode:
Command Purpose
ip sshd save Enable encryption key saving function.
6.2.7 Enabling SFTP Function
The SFTP function refers to the secure file transmission system based on SSH, of which the authentication
procedure and data transmission are encrypted. Though it has low transmission efficiency, network security is
highly improved.
SFTP function is disabled by default. Run following command to enable SFTP function in global configuration
mode.
Command Purpose
ip sshd sftp Enable sftp function.