cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1606
Views
0
Helpful
4
Replies
Colin Higgins
Explorer

SSH authentication failure CiscoWorks LMS 4

I am trying to get CiscoWorks LMS 4.0 to connect to my routers in order to back up configurations, but I am getting SSH authentication failures reported in the router logs (and archiving fails).

The credentials LMS is using is a username and password with priviledge 15: the account is established in TACACS+. I can log into the devices directly with this user account.

However, I cannot TFTP from the routers to the LMS either (I get a permission denied message in the router).

LMS did manage to fetch some configs, but 90% of my devices are having this issue.

Any advice would be great

2 ACCEPTED SOLUTIONS

Accepted Solutions
Michel Hegeraat
Rising star

Can you login on some of the failing devices from the server itself, rather than from your pc? You can safely install putty or other ssh clients on the server.

Have you tried to validate the credentails in the DCR? 

It is 'normal' to get a permision denied when you do a tftp to LMS. The filename must exist in the CSCOpx\tftpboot\ directory with permission to write for casuser.

Cheers,

Michel

View solution in original post

Hi Colin,

     How do you fix it?! My client's 90% devices cannot get the configuration by lms, just like your situation.

Thanks

View solution in original post

4 REPLIES 4
Michel Hegeraat
Rising star

Can you login on some of the failing devices from the server itself, rather than from your pc? You can safely install putty or other ssh clients on the server.

Have you tried to validate the credentails in the DCR? 

It is 'normal' to get a permision denied when you do a tftp to LMS. The filename must exist in the CSCOpx\tftpboot\ directory with permission to write for casuser.

Cheers,

Michel

View solution in original post

It eventually corrected itself--thanks

Hi Colin,

     How do you fix it?! My client's 90% devices cannot get the configuration by lms, just like your situation.

Thanks

View solution in original post

For some reason the intiial credential set did not take--the system was trying to use default settings. I went back in and set everything back up for SSH.

It is fetching 90% of the configs--I still have some issues with some of them. I cannot directly TFTP from a device to CiscoWorks, but it seems to be able to fetch the configs automatically.

tira: are you using TACACS+ for authentication?