[c-nsp] ASA ssh difficulties
Tillinger, Steve
steve.tillinger at sourcemedia.com
Tue Jul 14 10:35:12 EDT 2009
Have you tried 'pix' as the username?
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Nick Griffin
Sent: Tuesday, July 14, 2009 10:16 AM
To: Jonathan Brashear
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ASA ssh difficulties
sorry, location = local :)
On Tue, Jul 14, 2009 at 9:15 AM, Nick Griffin
<nick.jon.griffin at gmail.com>wrote:
> Make sure ssh is setup for location authentication and possibly
> regenerate your ssh keys:
> this is what I usually do:
>
> crypto key generate rsa general modul 2048
>
> aaa authentication telnet console LOCAL
>
> aaa authentication ssh console LOCAL
>
> aaa authentication http console LOCAL
>
> aaa authentication serial console LOCAL
>
>
>
> Nick Griffin, CCIE #17381
> Systems Consultant Alexander Open Systems Direct 479.899.6830 ext 2609
> AOS Scheduling - 417.888.2675
>
> On Tue, Jul 14, 2009 at 9:05 AM, Jonathan Brashear <
> Jonathan.Brashear at hq.speakeasy.net> wrote:
>
>> I'm a bit stumped on an issue I'm having with a particular 5505.
>> Originally it was inaccessible via ASDM or SSH, but after a reboot
>> it began to allow access via ASDM. However, SSH is still not
>> working. I've verified that the username/pass is correct(it works
>> through the ASDM) and that SSH access is allowed from the relevant IP
>> range(I get to a password prompt), but it refuses to accept known
>> good passwords from multiple accounts. It thinks the password is
>> bad, but only when done via SSH. I haven't run into this issue with
>> other ASAs that are configured identically and I can login to the
>> other ASAs from the same terminal window so it shouldn't be something
>> to do with my terminal emulation. Any thoughts on why this may be
happening?
>>
>> Network Engineer, JNCIS-M
>> > 214-981-1954 (office)
>> > 214-642-4075 (cell)
>> > jbrashear at hq.speakeasy.net
>> http://www.speakeasy.net
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>
>
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
"This communication is intended solely for the addressee and is confidential and not for third party unauthorized distribution"
More information about the cisco-nsp
mailing list