SSH Access Not Working on ASAs

redwarrior
Level 1

I am configuring my ASAs for ssh access prior to removing telnet access to them. However, I'm running into a problem. After I have configured ssh access (assigned a domain, generated my rsa key, and enabled ssh), I am unable to log in. My ssh client is running ssh v.1 and I've checked to make sure the ASA is allowing v.1 and 2. I've also checked to be sure the username and password for the account I have tried have been correct. Basically, it's behaving as if I have a bad password, as it accepts the connection and the username, but fails to accept the password. These accounts all have a privilege level of 15 and I'm able to use them to log into the ASDM. The policies associated with these accounts are the default and I've tried both configuring a new account through ASDM and the CLI. Neither seems to work. Any ideas?

Thanks!

1 Accepted Solution

anthony.king
Level 1

If you are using local username/passwords, make sure you have this command: "aaa authentication ssh console LOCAL"

4 Replies

JORGE RODRIGUEZ
Level 10

Karen,

What you are saying is that none of the accounts' passwords work when you ssh to the firewall? Does this issue apply to the interfaces you have allowed ssh under, such as inside/outside?

What version of code are you running?

Could you capture ssh debug and post it?

asa#terminal monitor

In config mode:

asa(config)#logging monitor 7

Then issue debug ssh.

Try connecting to the asa via ssh and capture the debug output.

To disable debug:

asa#no debug all

And lastly, even though ssh debug is a low level process, it is advised to conduct debug troubleshooting off network production hours.

Rgds

-Jorge

Jorge Rodriguez

This was exactly my problem. Once I set aaa authentication to local, it works like a charm! Thanks!

you are awesome thank you!
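
A small config audit for the failure described in this thread, as an added example that is not part of any post: it flags an ASA running-config that permits SSH without an `aaa authentication ssh console` line, and Telnet that is still enabled. The function name, finding codes and sample config are constructed for illustration, and only IPv4 `ssh`/`telnet` permit lines are parsed.

```python
import re

# Constructed running-config excerpt (not from the thread): SSH is permitted on
# the inside interface and a local user exists, but the AAA line is missing.
SAMPLE_CONFIG = """\
domain-name example.com
username admin password PLACEHOLDER privilege 15
telnet 192.0.2.0 255.255.255.0 inside
ssh 192.0.2.0 255.255.255.0 inside
ssh timeout 10
"""

# "<proto> <addr> <mask> <interface>" permits management clients on an interface.
PERMIT = r"{} \d+\.\d+\.\d+\.\d+ \d+\.\d+\.\d+\.\d+ (\S+)$"


def audit_mgmt_access(config):
    """Return (code, message) findings for SSH/Telnet management access."""
    lines = [ln.strip() for ln in config.splitlines() if ln.strip()]

    def permitted(proto):
        hits = (re.match(PERMIT.format(proto), ln) for ln in lines)
        return sorted({m.group(1) for m in hits if m})

    ssh_ifs, telnet_ifs = permitted("ssh"), permitted("telnet")
    users = [ln.split()[1] for ln in lines
             if ln.startswith("username ") and len(ln.split()) > 1]
    # Server groups named after "aaa authentication ssh console", e.g. ["LOCAL"].
    ssh_aaa = [ln.split()[4:] for ln in lines
               if ln.startswith("aaa authentication ssh console ")]

    findings = []
    if ssh_ifs and not ssh_aaa:
        findings.append(("ssh-no-aaa", f"SSH permitted on {ssh_ifs} without "
                         "'aaa authentication ssh console'; local username "
                         "logins fail (the symptom in this thread)"))
    if any("LOCAL" in groups for groups in ssh_aaa) and not users:
        findings.append(("local-no-users",
                         "SSH uses LOCAL but no 'username' entries exist"))
    if telnet_ifs:
        findings.append(("telnet-enabled",
                         f"Telnet still permitted on {telnet_ifs}"))
    return findings


if __name__ == "__main__":
    for code, msg in audit_mgmt_access(SAMPLE_CONFIG):
        print(f"[{code}] {msg}")
```

Running it against a saved copy of `show running-config` before removing Telnet confirms that SSH logins will work first.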
