Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
364
Views
1
Helpful
3
Replies

ASA FXOS -> ASA Auto enable setting

tjdwns4111
Level 1
Level 1

‎03-25-2024 07:35 PM

i can access to asa without enable password by under config.

but if i access to FXOS, and change to ASA from FXOS by command(change to asa)

the system require the enable password.

how can i access the ASA from FXOS without enable password?

 

aaa-server tacacs protocol tacacs+
aaa-server tacacs host x.x.x.x
key 8 xxxx

user-identity default-domain LOCAL
aaa authentication enable console tacacs LOCAL
aaa authentication http console tacacs LOCAL
aaa authentication ssh console tacacs LOCAL
aaa authentication serial console tacacs LOCAL
aaa authorization command tacacs LOCAL
aaa accounting ssh console tacacs
aaa accounting enable console tacacs
aaa accounting command tacacs
aaa accounting serial console tacacs
aaa authentication secure-http-client
aaa authorization exec authentication-server auto-enable
aaa authentication login-history

Labels:
3 Replies 3

Georg Pauwen
VIP
VIP

‎03-25-2024 11:59 PM

Hello,

tough question. This is what ChatGPT says:

To access a Cisco ASA from within Cisco FXOS without having to manually type in the password each time, you can set up SSH key-based authentication. This method allows you to authenticate to the ASA using SSH keys instead of passwords. Here's a step-by-step guide:

1. **Generate SSH Key Pair on FXOS:**
First, you need to generate an SSH key pair on the FXOS device. You can do this using the `ssh-keygen` command. Make sure you generate the key pair for the appropriate user account that you will use to access the ASA.

ssh-keygen -t rsa

This command will generate a public and private key pair in the `~/.ssh` directory by default.

2. **Copy Public Key to ASA:**
Next, you need to copy the public key from the FXOS device to the Cisco ASA. You can do this by appending the contents of the public key file (`~/.ssh/id_rsa.pub`) to the `authorized_keys` file on the ASA. If the `.ssh` directory or the `authorized_keys` file doesn't exist on the ASA, you'll need to create them.

3. **Enable SSH Key Authentication on ASA:**
Ensure that SSH key-based authentication is enabled on the Cisco ASA. You can do this by configuring the ASA to use public key authentication and allowing SSH access.

4. **Test the Connection:**
Once the public key is copied to the ASA and SSH key authentication is enabled, you should be able to SSH into the ASA from the FXOS device without being prompted for a password.

ssh username@asa_ip_address

Replace `username` with your ASA username and `asa_ip_address` with the IP address of the ASA.

By setting up SSH key-based authentication, you can automate the login process from Cisco FXOS to the Cisco ASA, eliminating the need to manually type in the password each time you access the ASA. Ensure that you have appropriate permissions and security measures in place when using SSH keys.

0 Helpful

tjdwns4111
Level 1
Level 1

‎03-26-2024 12:51 AM

i want to access FXOS to ASA without enable password by console cable

0 Helpful

Georg Pauwen
VIP
VIP
In response to tjdwns4111

‎03-27-2024 12:02 AM

Hello,

your connection to FXOS does not matter, you need to be at the CLI. Does the SSH procedure work ?

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card