12-20-2021 03:20 AM - edited 12-20-2021 03:46 AM
Hello,
I have a N5K-5672UP and i can login by telnet or ssh to the switch but when i want to connect to the switch by console it shows this error:
AUTHPRIV-3-SYSTEM_MSG
pam_aaa:Authentication failed from console - login
any idea how can is sovle this?
i do not have any special config just default configs (i already reset to factory) and use 4-5x SVI with port-channel.
Thanks,
12-20-2021 08:57 AM
- Show the output of : # show aaa authorization
M.
12-20-2021 09:04 AM - edited 12-20-2021 09:07 AM
here is the output:
SWT1# show aaa authorization
pki-ssh-cert: local
pki-ssh-pubkey: local
AAA command authorization:
SWT1#
SWT1(config)# aaa authorization ?
ssh-certificate Configure ssh certificate
ssh-publickey Configure ssh publickey
SWT1(config)#
12-20-2021 11:56 AM
If you are using AAA, you may want to add this command and try again:
aaa authentication login console local
HTH
12-20-2021 09:47 PM
i think n5k-5672up is using aaa by default, i did notchange anything,
but i already execute that command here is my output:
show aaa authentication
default: local
console: local
i also simplified my password and change it to admin123 and tried with admin/admin123 but the result was same, i entered username and password then it shows user/pass again,
i can see my banner but it seems it can not parse the password.
my nxos version is :
kickstart: version 7.3(9)N1(1)
system: version 7.3(9)N1(1)
12-20-2021 11:47 PM
>....but it seems it can not parse the password.
- What do you mean by that sentence ?
M.
12-20-2021 11:51 PM
when i enter username and password in the console it ask the username and password again then i login to the switch by ssh and check the logs and it shows the following error:
AUTHPRIV-3-SYSTEM_MSG
pam_aaa:Authentication failed from console
as you can see in previous replies i enabled aaa local authentication
12-21-2021 12:12 AM
- How does the actual login-attempt on the console fail ? Is there a wrong-password message ? Or something else ?
M.
12-21-2021 12:15 AM
i have a banner when i connect to console it shows my banner and it ask username then i enetr that and after that it asks for password and i enter it again after all of them it shows the banner again and ask for username and password.
it does not show anything on console and it justs logs on the cisco that i sent you in previosu post.
12-21-2021 12:36 AM
- In terms of exact-analysis that remains a bit unclear, you want to post a screenshot , or a few of them. For instance what does 'after all of them' means (?)
M.
12-21-2021 12:42 AM
here is screenshot:
12-21-2021 01:25 AM
12-21-2021 01:35 AM
It would help us understand the issue better if we had more information. Ideally I would like to see the complete current running config since there are several things that might impact authentication on the console. But if you do not want to post the complete config then let us start with
show run | include aaa
You could also use these steps to investigate the issue:
- login to the switch using telnet/SSH
- enter enable mode
- term monitor
- debug aaa authentication
- keep the telnet/ssh session running while you attempt console access
- post the debug output
- no debug aaa authentication
- logout of the telnet/ssh session
12-21-2021 01:38 AM
i tried with ipkvm and mikrotik both of them does not help,
i also tried with direct laptop.
12-21-2021 02:24 AM
>i tried with ipkvm and mikrotik both of them does not help,
These are not familiar for me, try with Windows and Putty (a 'most common solution') , if problems persist then execute the full debugging procedure requested by Richard too.
M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide