Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1985
Views
0
Helpful
5
Replies

4500-x fails to authenticate to local credentials via ssh

Go to solution
RB6502
Level 1
Level 1

‎12-16-2019 10:03 AM

Hello,

 

I am facing a frustrating problem where my 4500-x switch will not authenticate to local credentials via an ssh session.  This is a problem I inherited from someone who decided to simply "not tell anyone about it". :) 

 

Using putty, I'm able to establish an ssh session to the switch and am prompted for a username.  After entering the username, the banner message displays, followed immediately by "TACACS+ authentication requiredUsing keyboard-interactive authentication", then a password prompt.

The logins always fail, even though the credentials I'm entering match what.s in the username statement.

 

This is the configuration as I found it:

username admin password 0 ******
aaa new-model

 

line vty 0 4
password ******
length 0
transport input ssh
line vty 5 15
password ******l
transport input ssh
!

I've tried all the aaa commands I can think of (aaa authentication login default local, etc.) and none of those helped.  I tried removing "aaa new-model" and adding "login local" to the vty interfaces.  I've also tried regenerating the ssh key, all with no luck.

 

Any ideas?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jaderson Pessoa
VIP Alumni
VIP Alumni

‎12-16-2019 10:46 AM

Hello, try it:

no aaa new-model
crypto key generate rsa modulus 2048

username cisco privilege 15 secret cisco123

line vty 0 15
login local
transport input ssh
Jaderson Pessoa
*** Rate All Helpful Responses ***

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Jaderson Pessoa
VIP Alumni
VIP Alumni

‎12-16-2019 10:46 AM

Hello, try it:

no aaa new-model
crypto key generate rsa modulus 2048

username cisco privilege 15 secret cisco123

line vty 0 15
login local
transport input ssh
Jaderson Pessoa
*** Rate All Helpful Responses ***
0 Helpful

Go to solution
RB6502
Level 1
Level 1
In response to Jaderson Pessoa

‎12-16-2019 11:02 AM

Thanks, tried that, still getting "Access Denied" from my ssh session.

0 Helpful

Go to solution
Jaderson Pessoa
VIP Alumni
VIP Alumni
In response to RB6502

‎12-16-2019 11:10 AM

remove this under line vty 0 15 " no password ******"
Jaderson Pessoa
*** Rate All Helpful Responses ***
0 Helpful

Go to solution
RB6502
Level 1
Level 1
In response to Jaderson Pessoa

‎12-16-2019 11:20 AM - edited ‎12-16-2019 11:24 AM

line vty 0 4
privilege level 15
login local
length 0
transport input ssh
line vty 5 15
privilege level 15
login local
transport input ssh

 

Same result, "Access Denied".

 

Is the "TACACS+ authentication required" message I'm getting when I'm trying to log in significant?  There is (should not be) no TACACS+ set up for this switch.

 

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to RB6502

‎12-16-2019 12:16 PM

Can you post full configuration before i can suspect something wrong in another level of config.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents