cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
581
Views
0
Helpful
3
Replies

Local SSH Account - Security Auditors

Jason Maynard
Cisco Employee
Cisco Employee

Do we support creating a local account on ISE using public SSH Key for our security auditors?

1 Accepted Solution

Accepted Solutions

I am guessing it depends on what the auditor requires to do. ISE CLI users have two roles only -- admin or oper

my240/admin(config)# username audit password plain testAudit role ?

  admin  Specifies user with administrative role privileges

  user   Specifies user with read-only role privileges

View solution in original post

3 Replies 3

hslai
Cisco Employee
Cisco Employee

ISE admin CLI accounts are local only. Yes, it supports using SSH public key, which can be imported using crypto, e.g.:

crypto key import id_rsa.pub repository myRepo

Hi,

TAC suggested that a Local Account cannot be created for the security auditor team. Just trying to confirm

- I can create a local account called "SecurityAuditor" and import the SSH public key using "crypto key import id_rsa.pub repository myRepo"


- Also, can the SecurityAuditor" account be restricted or does it have to be admin?

Thanks,

Jason

I am guessing it depends on what the auditor requires to do. ISE CLI users have two roles only -- admin or oper

my240/admin(config)# username audit password plain testAudit role ?

  admin  Specifies user with administrative role privileges

  user   Specifies user with read-only role privileges

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: