This article will cover how to fix Too many authentication failures for usernames in 3 ways.
Too many authentication failures Error
Error example 1:
Received disconnect from 192.168.3.123 port 22:2: Too many authentication failures
Disconnected from 192.168.3.123 port 22
Error Example 2:
Too many authentication failures
Sep 19 16:21:24 ubuntu sshd: error: maximum authentication attempts exceeded for testfest from 192.168.6.124 port 54324 ssh2 
Sep 19 16:21:24 ubuntu sshd: Disconnecting: Too many authentication failures 
Sep 19 16:21:48 ubuntu su: pam_unix(su:session): session closed for user testfest
Reason for Too many authentication failures
SSH servers are commonly setup to allow for a maximum number of attempted authentications before rejecting the attempt.It will try all the available credentials (such as certificate, public key, and stored credentials).
This is setting for ssh servers is called “MaxAuthTries”, and the default value is 6.When attmpting to connect to an SSH server, if we have not told our SSH client specifically which key to use with the server, it will attempt to use all of our keys (one at a time) until it finds one that works.
If the key we need to use for the server is attempted by our client after the MaxAuthTries as configured by the server, our client will never reach the correct key and will fail its authentication attempt.
Solution for Too many authentication failures
This error appears when we make too many failed login attempts to a server. A failed login attempt could occur for a variety of reasons but the most common reason is incorrect credentials. Ensure we are providing the correct username and password or key file which should also be properly configured on the server.
- Use a Specific SSH Key for a Specific SSH Server
- Increase MaxAuthTries in SSH server
Use a Specific SSH Key for a Specific SSH Server in configuration file
Open our SSH configuration file in our favorite editor: vi ~/.ssh/config. At the bottom of the file, add the following information:
Use a Specific SSH Key for a Specific SSH Server in command line
we can use ssh -i keyfile ip or hostname to connect our server.
Increase MaxAuthTries in SSH
# vi /etc/ssh/sshd_config or (sudo vi /etc/ssh/sshd_config)
we will see the “MaxAuthTries 6” .
- Click “i” to enter the editing mode in the file.
- After modifying “MaxAuthTries” to 10, we can click on ”Esc” and type “:wq” to save and exit the file.
- Fire the command “service sshd restart” or “sudo service sshd restart” in order to apply changes made in the file.
More info about MaxAuthTries in SSH
The MaxAuthTries setting tells the ssh daemon how many different authentication attempts a user can try before it disconnects. Each ssh key loaded into ssh-agent counts as one authentication attempt.
The default is 6 because many users have multiple ssh keys loaded into ssh-agent so that we can automatically log into different hosts that use different ssh keys. Trying more than one ssh key isn’t the same as thumb-fingering a password — ssh is designed to allow for multiple key attempts.
After the ssh connection attempts all of our ssh keys and we haven’t run out of attempts and passwords are enabled we will eventually get a password prompt.