05-04-2007 10:35 AM - edited 03-05-2019 03:52 PM
I have a Cat 3550 in which I enable SSH on, now the console password seems to be disabled.(Yes I do have one setup) I can plug a console cable in and the I get right into user mode (no password). Ive tried to find info on this but havent been very succesful. Anybody know how to re-enable the console password? Or if I cant re-enable it what causes this to be disabled with SSH present? Any help is appreciated. Thanks
05-04-2007 10:38 AM
Were you asked the login before configuring the SSH? What if you disable the SSH, does the switch behave the same way?
Please paste the show version and config from the switch. I dont think SSH config is related to the problem that you are facing.
-amit singh
05-04-2007 10:46 AM
Yes the console password worked up until the point in which I enable SSH then it never worked after that.
Cisco IOS Software, C3550 Software (C3550-IPSERVICESK9-M), Version 12.2(35)SE3, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Fri 16-Mar-07 00:43 by antonino
Image text-base: 0x00003000, data-base: 0x00E86000
ROM: Bootstrap program is C3550 boot loader
External_3550 uptime is 3 days, 7 hours, 53 minutes
System returned to ROM by power-on
System restarted at 06:51:59 EDT Tue May 1 2007
System image file is "flash:/c3550-ipservicesk9-mz.122-35.SE3.bin"
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
Cisco WS-C3550-24-PWR (PowerPC) processor (revision E0) with 65526K/8192K bytes of memory.
Processor board ID CAT0805Z17L
Last reset from warm-reset
Running Layer2/3 Switching Image
Ethernet-controller 1 has 12 Fast Ethernet/IEEE 802.3 interfaces
Ethernet-controller 2 has 12 Fast Ethernet/IEEE 802.3 interfaces
Ethernet-controller 3 has 1 Gigabit Ethernet/IEEE 802.3 interface
Ethernet-controller 4 has 1 Gigabit Ethernet/IEEE 802.3 interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.
384K bytes of flash-simulated NVRAM.
Base ethernet MAC Address: 00:0F:24:94:71:80
Motherboard assembly number: 73-8100-07
Power supply part number: 341-0029-03
Motherboard serial number: CAT08050P4G
Power supply serial number: DTH0748048T
Model revision number: E0
Motherboard revision number: A0
Model number: WS-C3550-24PWR-SMI
System serial number: CAT0805Z17L
Configuration register is 0x10F
05-04-2007 10:53 AM
I also just checked my 3750's that have SSH setup and I have the same problem...do you have to do some other sort of authentication setup for the console port for SSH w/ AAA username and passwords?
05-04-2007 11:10 AM
Please paste the switch config. Are you using AAA for suthentication. If you are using local authentication on the switch make sure AAA is disabled on console access.
-amit singh
05-04-2007 11:32 AM
Here is all the relevant information....
version 12.2
no service pad
service timestamps debug datetime localtime
service timestamps log datetime localtime
service password-encryption
!
hostname **************
!
enable secret 5 *****
!
username **** secret 5 ****
aaa new-model
!
aaa session-id common
clock timezone EST -5
clock summer-time EDT recurring
ip subnet-zero
ip domain-name *********.COM
!
ip ssh time-out 60
ip ssh authentication-retries 2
vtp domain ********
vtp mode transparent
!
!
crypto pki trustpoint TP-self-signed-613708160
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-613708160
revocation-check none
rsakeypair TP-self-signed-613708160
!
!
crypto pki certificate chain TP-self-signed-613708160
certificate self-signed 01
308202AC 30820215 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
5D312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 36313337 30383136 30312B30 2906092A 864886F7 0D010902
161C4578 7465726E 616C5F33 3535302E 46494E49 53484C49 4E452E43 4F4D301E
170D3933 30333031 30303032 31395A17 0D323030 31303130 30303030 305A305D
312E302C 06035504 03132549 4F532D53 656C662D 5369676E 65642D43 65727469
66696361 74652D36 31333730 38313630 312B3029 06092A86 4886F70D 01090216
1C457874 65726E61 6C5F3335 35302E46 494E4953 484C494E 452E434F 4D30819F
300D0609 2A864886 F70D0101 01050003 818D0030 81890281 8100B762 AE6F35B6
BDD8D7C5 33077279 BC26DE85 52AFDB20 BCBCC86B C82ACA17 6B6E4C83 6EC814E6
10A993D8 2B72F168 387DC8FC 4B20462F AFE6043B 92786C36 9E2A492D 61428F9F
42E255F0 60AA39F7 AF39082C 5C1B01B6 BB8FD5B3 E3215B9F 2E28E037 BF185B46
9D463BDE 3910CE70 AF09D816 089184AB 1EEF2F71 759CF13F 20530203 010001A3
7C307A30 0F060355 1D130101 FF040530 030101FF 30270603 551D1104 20301E82
1C457874 65726E61 6C5F3335 35302E46 494E4953 484C494E 452E434F 4D301F06
03551D23 04183016 8014157B 8B2CE909 97AC0F68 42F01E8F FC13E063 AF8A301D
0603551D 0E041604 14157B8B 2CE90997 AC0F6842 F01E8FFC 13E063AF 8A300D06
092A8648 86F70D01 01040500 03818100 1F197D2F 22B7BD4A 9DB25EF3 F2C4BCF1
47F607FB 4C2FB2BB EEDE0360 F275E449 36BCA2F0 9B7BCDD4 12252EA2 6B5331BD
0284A0F5 DC56B409 C4D9CD5E 642152D8 689EC57E D0D095FD 16E4FBB5 E326BD46
4DB32AAC 0A89C1A8 78757413 2B74D68E 2F05640E 4DBD74C1 11D36F60 76173E2D
A44DA182 31630938 6BBF3432 9ADA4283
quit
!
line con 0
password 7 122D06181F061E8536954769
logging synchronous
transport preferred none
line vty 0 4
password 7 046F065825C5E410A121656
logging synchronous
transport preferred none
transport input ssh
line vty 5 15
access-class 10 in
password 7 09784D064658051D0207176B
transport preferred none
transport input ssh
!
end
05-04-2007 11:22 AM
If you are using AAA then you have to configure " AAA autehntication " under the " line console "
config t
line console
login authentication default << If using default list in the aaa authentication config
or the list specified in the authenctication config.
Please use the link below for more understanding.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12235se/scg/swauthen.htm#wp1091098
HTH,
-amit singh
05-04-2007 11:43 AM
Thank you for pointing me in the right direction! Your help was very useful and it resolved my issue. Thanks
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: