09-24-2006 11:43 PM
Folks,
I'm trying to beef-up security in our network. I've changed several test machines to work with SSH and SCP instead of Telnet and TFTP. Also enabled SNMPv3 with authentication.
Device Credentials test shows OK for SNMPv3, SSH and Enable in SSH.
I can safetly use putty to login via SSH to the equipment(Cisco 3800_ISR, Cat2960). Enabled SCP according to the docs + AAA configs.
I've tried to fetch an image from one of these devices, but the job failed with an error.
Same goes for Config files.
Please review my config below:
aaa new-model
aaa authentication login default local
aaa authentication enable default none
aaa authorization exec default local
username myuser privilege 15 password 0 justuser
ip domain-name mydom.com
ip ssh time-out 120
ip ssh authentication-retries 3
ip ssh version 2
ip ssh source-interface Loopback0
ip scp server enable
snmp-server group MyGRP v3 auth read MyUser write MyUser
snmp-server group MyGRP v3 auth
Thanks,
Y.
09-25-2006 05:10 AM
What is the error that the job is failing with?
09-25-2006 05:46 AM
Unfortunately I'm not in front of the system console at the moment. I recall that it says something about SCP error. It appeared just right after the message that "The device is locked for access".
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide