How many password attempts can be made when using SSH?

How many password attempts can be made when using SSH?

0
Created On 09/26/18 13:48 PM - Last Modified 07/19/22 23:09 PM


Environment


  • Palo Alto Firewall.
  • PAN-OS 7.1, 8.0, 8.1, 9.0 and 10.0
  • SSH password attempts per session.

Resolution


Palo Alto Networks devices allow SSH connection to the system for management purposes.

Each time the user is connected to the device via SSH, there will be a session created.

Details for each SSH session (PAN-OS 7.X and above)

  • By default, the firewall allows for a maximum of 4 authentication attempts.
  • If a user enters the wrong password 4 times, the single session will be closed and the SSH connection reset.
  • For each unsuccessful attempt, there is an event generated in the system logs as follows: 
    ( severity eq medium ) and ( eventid eq auth-fail )  and ( subtype eq auth ) and 
( description contains 'failed authentication for user \'username\'.  Reason: Invalid 
username/password. From: xxx.yyy.zzz.qqq.' )

The maximum number of failed authentication attempts per session cannot be changed

 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClpTCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail