
4500-x fails to authenticate to local credentials via ssh

RB6502
Level 1

Hello,

 

I am facing a frustrating problem where my 4500-x switch will not authenticate to local credentials via an ssh session.  This is a problem I inherited from someone who decided to simply "not tell anyone about it". :) 

 

Using putty, I'm able to establish an ssh session to the switch and am prompted for a username.  After entering the username, the banner message displays, followed immediately by "TACACS+ authentication requiredUsing keyboard-interactive authentication", then a password prompt.

The logins always fail, even though the credentials I'm entering match what's in the username statement.

 

This is the configuration as I found it:

username admin password 0 ******
aaa new-model

 

line vty 0 4
password ******
length 0
transport input ssh
line vty 5 15
password ******l
transport input ssh
!

I've tried all the aaa commands I can think of (aaa authentication login default local, etc.) and none of those helped.  I tried removing "aaa new-model" and adding "login local" to the vty interfaces.  I've also tried regenerating the ssh key, all with no luck.

 

Any ideas?

1 Accepted Solution


Jaderson Pessoa
VIP Alumni
Hello, try it:

no aaa new-model
crypto key generate rsa modulus 2048

username cisco privilege 15 secret cisco123

line vty 0 15
login local
transport input ssh
Jaderson Pessoa
*** Rate All Helpful Responses ***


Thanks, tried that, still getting "Access Denied" from my ssh session.

remove this under line vty 0 15 " no password ******"
Jaderson Pessoa
*** Rate All Helpful Responses ***

line vty 0 4
privilege level 15
login local
length 0
transport input ssh
line vty 5 15
privilege level 15
login local
transport input ssh

 

Same result, "Access Denied".

 

Is the "TACACS+ authentication required" message I'm getting when I'm trying to log in significant?  There is (should not be) no TACACS+ set up for this switch.

 

Can you post full configuration before I can suspect something wrong in another level of config.

 

BB

***** Rate All Helpful Responses *****
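
An added example, not from the thread or from Cisco: a small Python audit that reads an IOS-style config like the snippets posted above and lists the statements that decide how a vty login is authenticated. The function name, report fields and finding wording are assumptions of this sketch; it reports what the config text says and does not emulate IOS behaviour.

```python
import re

# Constructed input: modelled on the original poster's snippet (redacted, unindented).
SAMPLE = """username admin password 0 ******
aaa new-model
line vty 0 4
password ******
length 0
transport input ssh
line vty 5 15
password ******
transport input ssh
!
"""

def audit_login(config):
    """Collect the statements that decide how a vty login is authenticated."""
    r = {"aaa": False, "login_lists": {}, "users": {}, "vty": {}, "findings": []}
    vty = None  # the 'line vty' block currently being read, if any
    for line in (l.strip() for l in config.splitlines()):
        if re.match(r"line vty \d+( \d+)?$", line):
            vty = r["vty"].setdefault(line[5:], {"login": None, "line_password": False, "transport": None})
        elif vty is not None and (m := re.match(r"(no )?login( .+)?$", line)):
            vty["login"] = "none" if m[1] else (m[2] or "line-password").strip()
        elif vty is not None and line.startswith("password "):
            vty["line_password"] = True
        elif vty is not None and line.startswith("transport input "):
            vty["transport"] = line.split(None, 2)[2]
        elif vty is not None and re.match(r"(length|privilege level|exec-timeout|logging|access-class) ", line):
            pass  # other line sub-commands: stay inside the block
        else:
            vty = None  # anything else ends the block (the posted config is not indented)
            if line in ("aaa new-model", "no aaa new-model"):
                r["aaa"] = not line.startswith("no ")
            elif m := re.match(r"aaa authentication login (\S+) (.+)$", line):
                r["login_lists"][m[1]] = m[2].split()
            elif m := re.match(r"username (\S+) .*?\b(password|secret)(?: (\d+))? ", line):
                r["users"][m[1]] = (m[2], m[3])  # (keyword, encoding type or None)
    for user, (kind, enc) in r["users"].items():
        if kind == "password" and enc in (None, "0"):
            r["findings"].append(f"user {user}: cleartext 'password' entry, prefer 'secret'")
    if r["aaa"] and "default" not in r["login_lists"]:
        r["findings"].append("aaa new-model set but no 'aaa authentication login default' list")
    for name, v in r["vty"].items():
        if not r["aaa"] and v["login"] != "local":
            r["findings"].append(f"{name}: AAA off and no 'login local'")
    return r
```

Running `audit_login` on the text of `show running-config` shows in one place whether AAA is enabled, which login method lists exist, and what each vty block actually carries.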
