retry-options

Syntax

Hierarchy Level

Release Information

Statement introduced in Junos OS Release 8.0.

maximum-time option introduced in Junos OS Release 9.6.

lockout-period option introduced in Junos OS Release 11.2.

Description

Limit the number of times a user can attempt to log in through SSH or Telnet before being disconnected.

Options

backoff-factor seconds—Length of delay in seconds after each failed login attempt. The length of delay increases by this value for each subsequent failed login attempt after the value specified in the backoff-threshold option.

Default: 5

Range: 5 through 10

backoff-threshold number—Threshold for the number of failed login attempts before the user experiences a delay when attempting to log in again. Use the backoff-factor option to specify the length of delay, in seconds.

Default: 2

Range: 1 through 3

lockout-period minutes—Amount of time before the user can attempt to log in to the device after being locked out. The user is locked out when the number of failed login attempts specified in the tries-before-disconnect option is reached.

Range: 1 through 43200

maximum-time seconds—Maximum length of time that the connection remains open for the user to enter a username and password to log in. If the user remains idle and does not enter a username and password within the time period configured with this option, the connection is closed.

Default: 120

Range: 20 through 300

minimum-time seconds—Minimum length of time that the connection remains open while the user is attempting to enter a username and password to log in.

Default: 20

Range: 20 through 60

tries-before-disconnect—Maximum number of times a user is allowed to attempt to log in through SSH or Telnet before closing the connection.

Default: 3

Range: 2 through 10

Required Privilege Level

admin—To view this statement in the configuration.

admin-control—To add this statement to the configuration.