05-02-2014 04:18 AM - edited 03-11-2019 09:09 PM
Hi,
I have recently updated one of my Cisco ASA to v9.2(1) and noticed a function to get the perform authorization for exec shell access can do a auto-enable when logging in from ssh.
The problem is that if I use a private/public key authentication with a user it won't do the auto-enable feature. If I login without keys and using my password, it jumps into privilleged exec mode as it should.
Anyone else had this issue?
Config:
aaa authentication ssh console LOCAL
aaa authorization exec LOCAL auto-enable
username user password xxxxxx encrypted privilege 15
username user attributes
ssh authentication publickey 22:af:xxxxxx hashed
Any answer will be highly appreciated.
P.S I'm totally new in this forum.
11-11-2014 08:02 PM
I have the exact same problem on 9.2(2)4. If I use the key, auto-enable doesn't work; if I force password authentication, it does.
11-12-2014 12:38 AM
Would you be able to open a TAC SR and once you do , Email me the SR no and i will look into this issue.
vamrodia@cisco.com
Thanks and Regards,
Vibhor Amrodia
11-12-2014 06:14 PM
We're in the middle of a big cut-over, so it'll have to wait a week or so for me... feel free to send me a message or reply again here. I'll do my best to remember!
06-30-2015 05:07 AM
Hi,
Once , you get a SR opened , please drop me an email :- vamrodia@cisco.com and i will take the ownership for that issue.
Thanks and Regards,
Vibhor Amrodia
07-31-2015 03:50 AM
did you ever come across this issue, was this resolved. I can escalate a case but would be a wast of resource if this has been fixed..
clinet is getting this
Privileged Users to Enter Into EXEC Mode on Login Failing with Public Keys on Cisco ASA
and currently on 9.3.1
thanks in advance
Lance
01-21-2015 02:22 PM
I haven't forgotten about this... Going to try to get a case opened next week.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: