Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2085
Views
0
Helpful
3
Replies

Cisco SSH Authentication using RSA sig

sotiris.ioannou
Level 1
Level 1

‎05-23-2013 10:53 AM

Hi all,

Can the cisco router authenticate to a server using its RSA sig this will allow password-less login to remote servers?

Thanks,

Sotiris

Labels:
0 Helpful
3 Replies 3

SOcchiogrosso
Level 4
Level 4

‎05-23-2013 06:42 PM

Check out the command "ssh pubkey-chain"


Sent from Cisco Technical Support Android App

-- CCNP, CCIP, CCDP, CCNA: Security/Wireless Blog: http://ccie-or-null.net/
0 Helpful

sotiris.ioannou
Level 1
Level 1
In response to SOcchiogrosso

‎05-24-2013 02:09 AM

I tried that method I have exchanged the pub keys between the two clients, I issue the command

ssh -l user x.x.x.x and the debug shows the following:

%SSH-3-AUTH_METH_ERR: Server does not support password or keyboard-interactive authentication

SSH CLIENT0: user authentication failure(code = 0)

SSH CLIENT0: Session disconnected - error 0x00#

This looks like that the cisco ssh client cannot authenticate using RSA it always expects that a username and password will be sent.

Sotiris

0 Helpful

r.heitmann
Level 1
Level 1
In response to sotiris.ioannou

‎08-28-2018 10:32 AM

looking at your ssh-server

* using "DEBUG"-LogLevel

 

admin@ubuntu:~/.ssh$ cat /etc/ssh/sshd_config | egrep "Level"
#LogLevel VERBOSE
LogLevel DEBUG

you'll notice:

 

admin@ubuntu:~/.ssh$ tail -f /var/log/auth.log
Aug 28 17:63:92 ubuntu sshd[3218]: Connection closed by authenticating user admin <router-ip> port #nnn [preauth]

so the router (ssh-client) drops the session as the server wants to see some authentication-credentials.

 

 

 

 

0 Helpful
Customers Also Viewed These Support Documents