cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
203413
Views
97
Helpful
22
Replies

2960S - Password required, but none set

Hi,

I set a password for the 'VTY lines', the Console, I set an 'enable secret' and an 'enable' password,

but when I log in via ssh I get this:

Switch15>en

Password required, but none set
Password:
Switch15#sh run

Building configuration...

Current configuration : 28178 bytes
!

.....

I type in the 'enable secret' and get into the enable mode...

I always get this "Password required, but none set"! But all passwords are set.

It's a WS-C2960S-48TD-L with IOS Version is 15.0(2)SE2 (C2960S-UNIVERSALK9-M)

What am I missing?

Kind regards,

Andreas

1 Accepted Solution

Accepted Solutions

I'm not the original poster but the aaa authentication enable default enable command solved the problem for me. Rated appropriately. Thank you very much.

View solution in original post

22 Replies 22

pk21
Level 1
Level 1

no aaa new-model

line vty 0 4

login local

InayathUlla Sharieff
Cisco Employee
Cisco Employee

HI Andreas,

You need to specify it under line vty 0 4.

eg:

username cisco secret cisco
enable secret cisco

line vty 0 4
logging synchronous
login local




Hi and thanks for the reply,

sorry but there is no option "login local" under 'line vty 0 4' since I use radius authentication(aaa new-model).

I only have "login authentication [WORD | default]".

I tried already to set 'login authentication default' under the 'line vty 0 4'  but no success...

This must be a cosmetic bug. I get the same message when I SSH into a 3750X with 15.0(2)SE2 and AAA enabled. Disable AAA and the message disappears.

I think you're right, I get the same on a 3560X running 15.0(2)SE2

>>>>>

Password required, but none set

User Access Verification

Username: cisco

Password:

MySwitch>en

Password required, but none set

Password:

Myswitch#

>>>>>

so everything works apart from our automated scripts

If you are trying to use the RADIUS authentication there are additional steps, here is my setup and I'm running 15.1(1)SG1

aaa new-model

aaa authentication login vtylogin group radius local

aaa authentication login conlogin group radius local

aaa authentication enable default group radius enable

aaa authorization console

aaa authorization exec vtylogin group radius local

aaa authorization exec conlogin group radius local

!

radius server RADIUS

address ipv4 x.x.x.x auth-port 1645 acct-port 1646

timeout 3

retransmit 3

key xxxxxxxxxxxxxxxxxxxxxxxxx

!

ip radius source-interface vlan200

!

line vty 0 4

exec-timeout 0 5

authorization exec vtylogin

login authentication vtylogin

transport input ssh

When I use the 'aaa authentication exec' command it kicks me out immediately after entering the password, so I can't use this option.

The other thing is I need to use the local enable(secret) password for the priv. exec mode.

I tried all other options but no luck.

I doesn't matter what I configure, It always brings this message. I doubt it has something to do with the vty lines, because the message comes after typing 'enable':

Switch42>en

Password required, but none set
Password:
Switch42#

It is possible that the issue is on the RADIUS server.  What are you using for the RADIUS server?

Hi Andreas,

It seems that you did not set the password on the “ssh” configuration and that is why you

are receiving the specific message when trying to “ssh” to the switch.

The next configuration is the right configuration to applied:

Switch(config)#line vty 0 15

Switch(config-line)#transport input ssh

Switch(config-line)#password xxxx

Regards

Inayath

Hi,

try this:

aaa new-model

aaa authentication login default local

aaa authentication enable default enable

username test password test

enable secret test

If this will not work, can you paste your config to see what is wrong?

Best Regards

Please rate helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

I'm not the original poster but the aaa authentication enable default enable command solved the problem for me. Rated appropriately. Thank you very much.

Hi,

thank you all, the aaa authentication enable default enable does the trick !

Thanks!

Kind regards!

As Chuck said above, it appears to be cosmetic.  When running 15.0(2)SE on a 3560, I had NO problems, but when I upgraded to 15.0(2)SE4, the "Password required, but none set" message pops up.  However, it does still require that I enter the correct password.

So I verified that 15.0(2)SE4 caused this by downgrading back to 15.0(2)SE and the error went away.

Review Cisco Networking for a $25 gift card