cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
196
Views
15
Helpful
4
Replies
Beginner

CISCO ASA LOGIN

Dear All,

 

I have two ASA firewall & that is already enable with ssh v1 credentials so i want to add new login credentials with privilege 15 so please suggest cli command to enable credentials for new username.

 

 

ASA5505

ASA5525

4 REPLIES 4
VIP Advisor

Re: CISCO ASA LOGIN

Hi there,

The command to add a user to the local database would be:

 

!
username <user> password <password> privilege 15
!

cheers,

Seb.

https://www.cisco.com/c/en/us/td/docs/security/asa/asa94/config-guides/cli/general/asa-94-general-config/aaa-local.html#ID-2114-00000076

Re: CISCO ASA LOGIN

Hi

Do not use ssh v1. It's unsafe and deprecated.
Here an example of ssh setup :
! needed if you want to scp file on the box
! ssh scopy enable
ssh stricthostkeycheck
! describe the network or hosts and the interface from where you want to allow the ssh access
ssh <x.y.z.0 255.255.255.0 <management_if>
ssh a.b.c.d 255.255.255.255 <management_if>
ssh timeout 30
ssh version 2
! keep strong ciphers only
ssh cipher integrity high
ssh key-exchange group dh-group14-sha1

Then if you want to add a new local username, just do :
username <user> password <pass> privilege 15

I assume that local authentication is already set :
aaa authentication ssh console LOCAL

Regards

Jérôme
Beginner

Re: CISCO ASA LOGIN

Hi Jerome,

 

Thanks for reply please let me know how the local authentication can be set.?

Highlighted

Re: CISCO ASA LOGIN

Hello

Local authentication can be set using this :
aaa authentication ssh console LOCAL

Regards
CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards