188.8.131.52.5 Set maximimum value for 'ip ssh authentication-retries'
The number of retries before the SSH login session disconnects. Rationale: This limits the number of times an unauthorized user can attempt a password without having to establish a new SSH login attempt. This reduces the potential for success during online brute force attacks by limiting the number of login attempts per SSH connection. Impact: Organizations should implement a security policy limiting the number of authentication attempts for network administrators and enforce the policy through the 'ip ssh authentication-retries' command.
Configure the SSH timeout: hostname(config)#ip ssh authentication-retries [<em>3</em>] Default Value: SSH is not enabled by default. When set, the default value is 3.