I'm looking to set up passwordless SSH authentication so a Solaris client can run a script to log on to a PIX and retrieve the configuration.
Has anyone succesfully achieved passwordless SSH authentication on a PIX or know whether the device supports it or not?
Many Thanks, Dom
that is vaguely correct.
here are the details :
Security506E-6.x(config)# sh aaa
aaa proxy-limit 16
aaa authentication ssh console SecurityACS1111 LOCAL
aaa authentication http console SecurityACS1111 LOCAL
aaa authentication telnet console SecurityACS1111 LOCAL
aaa authentication enable console SecurityACS1111 LOCAL
aaa authorization command LOCAL
now,if you have configured aaa on the pix and specified a aaa server for the authentication purpose when ssh is done ""aaa authentication ssh console SecurityACS1111 LOCAL ".....then the username and passwords from the aaa server database need to be provided when ssh is done.
if you have specified LOCAL as the authentication method,then the username and password database configured in the firewall's configuration will be used for the authentication purpose.
if you have n't spoecified " ssh " under " sh aaa " command output ,then the default settings are used.
dafault settings :
username : pix
telnet password: whatever password you have set using the command :
enable password :
whatever password you have set using :
please rate if this helps!!