[c-nsp] ASA 5505 SSH

Josh Farrelly josh at base-2.co.nz
Thu Dec 8 17:47:05 EST 2011

Make sure 'aaa authentication ssh console LOCAL' is set.
Confirm your settings are ok via 'show ssh'
Make sure you're connecting to the 'outside' address FROM the 'outside'
(e.g. if you're on the inside, and trying to connect to the outside
interface it will fail).



-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Antonio Querubin
Sent: Friday, 9 December 2011 11:31 a.m.
To: Rhino Lists
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] ASA 5505 SSH

On Thu, 8 Dec 2011, Rhino Lists wrote:

> I have a newly configured ASA 5505 that for some reason will NOT 
> authenticate a user via SSH?
> I have the following:
> ssh outside
> aaa authentication ssh console LOCAL
> and I have a username and password defined.  When I ssh it accepts the

> connection and keeps reporting Access Denied?
> I have also tried it without the aaa authentication ssh console LOCAL 
> and tried using the username pix with the password specified in the 
> config but I get same results?  Am I missing something?

Did you create the crypto key?

crypto key generate rsa general-keys

Antonio Querubin
e-mail:  tony at lavanauts.org
xmpp:  antonioquerubin at gmail.com
cisco-nsp mailing list  cisco-nsp at puck.nether.net
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list