ssh for admin context

thundercisco — Mon, 11 Mar 2019 22:53:50 GMT

Hi Guys,

Here is the config uration of my admin context on asa 5585 with 8.4 version

hostname FW-MAIN

domain-name bc.com

enable password xxxxxxxx encrypted

passwd xxxxxxx encrypted

names

name 10.0.0.0 xx-A

name 172.16.0.0 xx-B

name 192.168.0.0 xx-C

interface Management0/0

nameif management

security-level 70

ip address 10.216.175.10 255.255.255.128

dns server-group DefaultDNS

domain-name bc.com

pager lines 24

logging enable

logging asdm informational

mtu management 1500

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

route management xx-A 255.0.0.0 10.216.175.1 1

route management xx-B 255.240.0.0 10.216.175.1 1

route management xx-C 255.255.0.0 10.216.175.1 1

timeout xlate 3:00:00

timeout pat-xlate 0:00:30

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

user-identity default-domain LOCAL

aaa authentication ssh console LOCAL

aaa authentication http console LOCAL

http server enable

http 0.0.0.0 0.0.0.0 management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet timeout 5

ssh 0.0.0.0 0.0.0.0 management

ssh timeout 5

no threat-detection statistics tcp-intercept

username admin password 3XRCbLw8F0tIVe6e encrypted privilege 15

class-map inspection_default

match default-inspection-traffic

policy-map type inspect dns preset_dns_map

parameters

message-length maximum client auto

message-length maximum 512

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

inspect ftp

inspect h323 h225

inspect h323 ras

inspect rsh

inspect rtsp

inspect esmtp

inspect sqlnet

inspect skinny

inspect sunrpc

inspect xdmcp

inspect sip

inspect netbios

inspect tftp

inspect ip-options

I am unable to ssh into this context, i have checked cyrpto key are configured. I am able to asdm into this context but no ssh. Please Help

thnx

ssh for admin context

Julio Carvajal — Fri, 13 Apr 2012 22:48:43 GMT

Hello,

Remove the entire SSH configuration and add it one more time from scratch

Then place a debug for the SSH process:

Debug SSH 255

And then provide the output to us.

Julio

ssh for admin context

thundercisco — Wed, 25 Apr 2012 12:48:23 GMT

I have to set my unit to factory default and then configure my admin conext and then create crypto keys!!!!!

topic ssh for admin context in Network Security

ssh for admin context

ssh for admin context

ssh for admin context