System User Login Configuration 400 Global authentication settings 2FA OTP authentication parameters Number of attempts. Limit logins to N per every M seconds u32:1-10 Number of attempts. Limit logins to N per every M seconds Number of login attempts must me between 1 and 10 3 Time interval. Limit logins to N per every M seconds u32:15-600 Time interval. Limit logins to N per every M seconds Rate limit time interval must be between 15 and 600 seconds 30 Set window of concurrently valid codes u32:1-21 Set window of concurrently valid codes Window of concurrently valid codes must be between 1 and 21 3 Local user account information [-_a-zA-Z0-9.]{1,100} Username contains illegal characters or\nexceeds 100 character limitation. Password authentication Encrypted password (\*|\!) [a-zA-Z0-9\.\/]{13} \$1\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{22} \$5\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{43} \$6\$[a-zA-Z0-9\./]*\$[a-zA-Z0-9\./]{86} Invalid encrypted password for $VAR(../../@). ! 2FA OTP authentication parameters Token Key Secret key for the token algorithm (see RFC 4226) txt OTP key (base32 encoded secret) [a-zA-Z2-7]{20,10000} Key must only include base32 characters and be at least 26 characters long Plaintext password used for encryption Remote access public keys txt Key identifier used by ssh-keygen (usually of form user@host) Public key value (Base64 encoded) Optional public key options Public key type ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521 ssh-ed25519 ssh-dss ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ssh-ed25519 (ssh-dss|ssh-rsa|ecdsa-sha2-nistp256|ecdsa-sha2-nistp384|ecdsa-sha2-nistp521|ssh-ed25519) Full name of the user (use quotes for names with spaces) [^:]* Cannot use ':' in full name Home directory #include Session timeout u32:1-30 Session timeout in seconds Timeout must be between 1 and 30 seconds 2 Server priority u32:1-255 Server priority 255 #include Session timeout u32:5-604800 Session timeout in seconds Timeout must be between 5 and 604800 seconds