Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
721
Views
1
Helpful
1
Replies

ISE TACACS+ ssh to a switch using Yubikey as a PIV

KelvinT
Level 1
Level 1

‎07-14-2023 12:23 PM

ISE 3.1

Cisco c3850 switch 

a VMware guest win10 domain PC

A VMware guest windows 2016 server

a Yubikey 5c NFC

 

hello,

im trying to use Yubikey 5c as a PIV to ssh to a switch. The switch successfully logs in use ISE TACACS+ with AD credentials (username/password).  Actually ISE is using the user’s and pc AD certs success. 

I’m trying to replace the user AD cert with Yubikey PIV PKI unsuccessfully. 

has anyone done this successfully?

 

thanks

 

1 Reply 1

beverlymomo
Level 1
Level 1

‎07-14-2023 12:33 PM

It is technically possible to use a YubiKey as a PIV device for SSH authentication. However, the specific implementation and configuration steps can vary depending on the environment, software versions, and specific requirements.

I recommend reaching out to Yubico's support team or community forums. They would likely have the most up-to-date information and experience in using YubiKeys for SSH authentication with Cisco devices.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card