• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 922
  • Last Modified:

Not prompted for password on Cisco UC520 via SSH

I have a UC520,  I've created users on it via CLI, set the Enabled/Secret passwords etc.. yet when I SSH in I can literally just type in any username for any user that exists on the system and it logs me right in to #.  It doesn't even prompt for a password.   This is obviously a huge security risk and being a bit hesitant to post my config and leave some identifying information in it I'm hoping that someone could point me in a direction.

0
ZooyorQ
Asked:
ZooyorQ
  • 3
  • 3
1 Solution
 
uniplastCommented:
You can give different privileges to users that you define.
At this link is explained in detail how it works

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t13/feature/guide/ftprienh.html
0
 
ZooyorQAuthor Commented:
So if I lower the privilege to say 1 from its current 15 users will be prompted with a password to access privileged commands?
0
 
uniplastCommented:
Yes, but  lowest level of access is 0
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
ZooyorQAuthor Commented:
Even with a high privilege shouldn't the user be prompted for their password though?
0
 
uniplastCommented:
Login Authentication Using Enable Password

Use the aaa authentication login command with the enable method keyword to specify the enable password as the login authentication method. For example, to specify the enable password as the method of user authentication at login when no other method list has been defined, enter the following command:

aaa authentication login default enable


Before you can use the enable password as the login authentication method, you need to define the enable password. For more information about defining enable passwords, refer to the chapter "Configuring Passwords and Privileges."

More about this is on link
http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfathen.html
0
 
ZooyorQAuthor Commented:
The solution was changing the aaa authentication default to enable, it was currently set to none.  Thanks!
0

Featured Post

Eye-catchers on the conference table

Challenge: The i-unit group was not satisfied with the audio quality during remote meetings. They were looking for a portable solution with excellent audio quality for use in their conference room but also at their client’s offices.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now