Cisco Community
English
Register
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
2271
Views
0
Helpful
2
Replies
jabouaf
Beginner
Beginner
‎04-27-2011 02:57 AM
‎04-27-2011 02:57 AM

SSH authentication failure and log message

Hello,

With local authentication (with no aaa new-model  -no tacacs, no radius device/function)) I would like to get an information message that the authentication failed not at all error of mis-writting the password, but only when the 3th attempt/try is failed ?

Does someone knows if we can do this ?

Regards,

Labels:
0 Helpful
1 ACCEPTED SOLUTION

Accepted Solutions
Antonio Knox
Rising star
Rising star
‎04-27-2011 05:15 AM
‎04-27-2011 05:15 AM

This is possible, but you need to be running an IOS Security Feature Set.  Your command would look like this:

security authentication failure rate 3 log

For more info:

http://www.cisco.com/en/US/docs/ios/12_3/security/command/reference/sec_r1g.html#wp1098833

Please rate this post if it helps.

Edit: Keep in mind that this command introduces a 15-second delay once the failure threshold is reached.  This is a Brute-force attack mitigation technique by design, but it does meet your requirement.  Besides this, I would recommend leaning on EEM and perhaps some TCL scripting, which far too much for such a small task.

View solution in original post

0 Helpful
2 REPLIES 2
Antonio Knox
Rising star
Rising star
‎04-27-2011 05:15 AM
‎04-27-2011 05:15 AM

This is possible, but you need to be running an IOS Security Feature Set.  Your command would look like this:

security authentication failure rate 3 log

For more info:

http://www.cisco.com/en/US/docs/ios/12_3/security/command/reference/sec_r1g.html#wp1098833

Please rate this post if it helps.

Edit: Keep in mind that this command introduces a 15-second delay once the failure threshold is reached.  This is a Brute-force attack mitigation technique by design, but it does meet your requirement.  Besides this, I would recommend leaning on EEM and perhaps some TCL scripting, which far too much for such a small task.

View solution in original post

0 Helpful
jabouaf
Beginner
Beginner
In response to Antonio Knox
‎04-27-2011 10:58 AM
‎04-27-2011 10:58 AM

Hello Antonio,

Thank you for your answer.  THis would help me.

I'll also have a look at EEM.

Best Regards,

0 Helpful
Latest Contents
SD-WAN Advanced Deployment | Part.1
Created by Mohamed Alhenawy on 04-16-2021 12:13 AM
0
15
0
15
Today I'm going to talk about SD-wan including SD-WAN advanced lab ,, first thing let's take a small brief about the SD_WAN.  What is SD-WAN?   SD-WAN is Software define wide area network and SD-WAN is key part of the technology o... view more
Cisco Meraki IoT specialist will introduce you to new and in...
Created by sullskog on 04-15-2021 01:09 AM
0
0
0
0
Leopold Fisher, Cisco Meraki IoT specialist, will introduce you to new and innovative additions to the Meraki portfolio coming in April 2021.         Meraki Vision Session MV smart camera range is getting big... view more
Dynamic Routing Protocols with IPv6: Configuration, Verifica...
Created by ciscomoderator on 04-13-2021 02:39 PM
0
5
0
5
To participate in this event, please use the  button to ask your questions Dynamic Routing Protocols & IPv6 Have any questions on dynamic routing protocols with IPv6? In this event we will answer all your questions related to dynamic routing pro... view more
SD-WAN Advanced Deployment | Part.1
Created by Mohamed Alhenawy on 04-13-2021 09:24 AM
0
15
0
15
Today I'm going to talk about SD-wan including SD-WAN advanced , first thing let's take a small brief about the SD_WAN.What is SD-WAN? SD-WAN is Software define wide area network and SD-WAN is key part of the technology of software-definednetworking ... view more
Living on the Edge with the Secure Cats
Created by almuench on 04-07-2021 01:34 PM
0
0
0
0
The cat's out of the bag! In October 2020, Cisco announced the Next Generation of Enterprising Routing Platforms: the Catalyst 8000 Edge Platforms Family including the Catalyst 8200, Catalyst 8300, Catalyst 8500, and Catalyst 8000V. The new family of Cats... view more
Content for Community-Ad