Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

retry-options

 

Syntax

Hierarchy Level

Release Information

Statement introduced in Junos OS Release 8.0.

Statement introduced in Junos OS Release 9.0 for EX Series switches.

maximum-time option introduced in Junos OS Release 9.6.

Statement introduced in Junos OS Release 11.1 for the QFX Series.

lockout-period option introduced in Junos OS Release 11.2.

Statement introduced in Junos OS Release 14.1X53-D20 for the OCX Series.

Description

Limit the number of times a user can attempt to log in through SSH or Telnet before being disconnected.

Options

backoff-factor secondsLength of delay in seconds after each failed login attempt. The length of delay increases by this value for each subsequent failed login attempt after the value specified in the backoff-threshold option.

Default: 5

Range: 5 through 10

backoff-threshold numberThreshold for the number of failed login attempts before the user experiences a delay when attempting to log in again. Use the backoff-factor option to specify the length of delay, in seconds.

Default: 2

Range: 1 through 3

lockout-period minutesAmount of time before the user can attempt to log in to the device after being locked out. The user is locked out when the number of failed login attempts specified in the tries-before-disconnect option is reached.

Range: 1 through 43200

maximum-time secondsMaximum length of time that the connection remains open for the user to enter a username and password to log in. If the user remains idle and does not enter a username and password within the time period configured with this option, the connection is closed.

Default: 120

Range: 20 through 300

minimum-time secondsMinimum length of time that the connection remains open while the user is attempting to enter a username and password to log in.

Default: 20

Range: 20 through 60

tries-before-disconnectMaximum number of times a user is allowed to attempt to log in through SSH or Telnet before closing the connection.

Default: 3

Range: 2 through 10

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.