Login local / SSH / username not working (not the basic configuration SSH stuff but more tricky)

pierrick.edo
Level 1

Hello all,

I'm sorry to bother all of you with such a simple question, but the answer has been avoiding me for the whole morning, and after browsing the web in a frenzy I still can't find my answer. I hope you guys have the answer I'm searching for.

Context:

I have a 2940 switch with an SSH-capable IOS.

IOS (tm) C2940 Software (C2940-I6K2L2Q4-M), Version 12.1(22)EA14, RELEASE SOFTWARE (fc1)

On this switch I have an IP address, let's say 192.168.1.2 for the sake of the example, which allows me to connect remotely via telnet.

I have the basic SSH configuration set up:

```
ip domain-name test.com
ip ssh time-out 120
ip ssh authentication-retries 3
hostname switch1
enable secret test
! (this is the result of show run not the actual password)
username user1 privilege 15 secret 5 $1$hh/A$ZJqF74RtN03fbbVwPu4m.1
line vty 0 4
 password pass
 login
line vty 5 15
 transport input ssh
 login local
```

With this configuration SSH is not working. The description of not working is this one:

  1. I access the switch with SSH. OK
  2. I get prompted with username and password. OK
  3. When I enter the user1 login/password, I get a bad credentials error.

However, if I delete login local and add aaa new-model in global config mode, SSH will work.

At first I didn't pay attention because I use aaa new-model (+ the method list set) on all of my switches, but I want to understand why login local is not working with this setup.

Thanks in advance for your answers!

Have a great day.

1 Reply

On line "vty 0 4" you only have configured "login" which is not valid if you use SSH. When you connect with SSH you land on the first line and whatever you enter, it will fail. When you switch to AAA, login with username/password is default and now you have "disabled" the "login" config and you can use the configured username/password.
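
The mismatch the reply describes can be checked mechanically. The following is an added example, not part of the original thread: a small Python audit that reads a running-config and reports vty ranges that accept SSH but authenticate with the line password instead of `login local`. It assumes `show running-config` indentation, that a missing `transport input` line means all protocols are accepted, and that `aaa new-model` makes username login the default, as the reply states; `parse_vty` and `audit` are hypothetical names.

```python
import re

# Constructed sample: the vty section from the question, with the hash replaced
# by a placeholder.
SAMPLE = """\
hostname switch1
username user1 privilege 15 secret 5 <hash>
line vty 0 4
 password pass
 login
line vty 5 15
 transport input ssh
 login local
"""

def parse_vty(config):
    """Return (aaa_enabled, {(first, last): [sub-commands]}) for vty lines."""
    aaa, blocks, current = False, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if line == "aaa new-model":
            aaa = True
        m = re.match(r"line vty (\d+)(?: (\d+))?$", line)
        if m:
            first = int(m.group(1))
            current = blocks.setdefault((first, int(m.group(2) or first)), [])
        elif raw[:1].isspace() and current is not None:
            current.append(line)      # indented line: belongs to the open vty block
        else:
            current = None            # any other top-level line closes the block
    return aaa, blocks

def audit(config):
    """List vty ranges where an SSH session cannot authenticate by username."""
    aaa, blocks = parse_vty(config)
    findings = []
    for (first, last), cmds in sorted(blocks.items()):
        # Assumption: no 'transport input' line means every protocol is accepted.
        transport = next((c.split()[2:] for c in cmds
                          if c.startswith("transport input")), ["all"])
        ssh_ok = "ssh" in transport or "all" in transport
        # Without AAA, only 'login local' checks the username database.
        if ssh_ok and not aaa and "login local" not in cmds:
            findings.append(f"vty {first} {last}: SSH allowed but no 'login local'")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```
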