Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco ASA - Cant logon SSH

Posted on 2015-01-27
12
Medium Priority
?
126 Views
Last Modified: 2015-02-01
On a Cisco ASA using ssh, I can logon with my AD account, but I cannot log on using a username I created locally on the ASA, why not?
0
Comment
Question by:tolinrome
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 6
12 Comments
 
LVL 21

Expert Comment

by:netcmh
ID: 40573634
Do you have the

aaa authentication ssh console <AD> LOCAL

set?
0
 
LVL 7

Author Comment

by:tolinrome
ID: 40573640
Yes, but I am not trying to logon with an AD account. I created a local user on the ASA and just simply want to ssh into the ASA using that local account.
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40573650
I understand, the authentication would try AD first and then the local database.
0
Plesk WordPress Toolkit

Plesk's WordPress Toolkit allows server administrators, resellers and customers to manage their WordPress instances, enabling a variety of development workflows for WordPress admins of all skill levels, from beginners to pros.

See why 2/3 of Plesk servers use it.

 
LVL 7

Author Comment

by:tolinrome
ID: 40573651
Then how do I get it to login?
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40573688
Can you share your AAA & LOCAL config?

Also, is your ssh command configured to allow ssh from the particular host?

ssh <Inside host IP> <inside host netmask> inside
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40573692
Sometimes, I've found that deleting that userid and then recreating it, helps.
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40573701
I think that since the AD is always available, you would have difficulty having the Local database step up to authenticate. It's supposed to be used for the times when AD is inaccessible and you need to get into your device.
0
 
LVL 7

Author Comment

by:tolinrome
ID: 40573736
ssh is allowed from the host, I have deleted and recreated the username as well. Thanks.
0
 
LVL 7

Accepted Solution

by:
tolinrome earned 0 total points
ID: 40573798
I decided on an alternative non Cisco related since I couldnt get it working this way.
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40573816
Could you share what you mean? I'd like to know how you did it.
0
 
LVL 7

Author Comment

by:tolinrome
ID: 40573853
Sure, I sent you a private message.
0
 
LVL 7

Author Closing Comment

by:tolinrome
ID: 40582247
I decided on an alternative non Cisco related since I couldnt get it working this way.
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Feb. 28, Amazon’s Simple Storage Service (S3) went down after an employee issued the wrong command during a debugging exercise. Among those affected were big names like Netflix, Spotify and Expedia.
This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question