SSH Access Denied

brad.thurston · ‎07-10-2007

I am working on configuring an ASA 5520. I am able to use asdm and telnet to configure. I am unable to ssh to the device. I have generated keys and set the time out and tries. I am unable to make a ssh connection with any of the accounts i created, priv 15. At the same time I can use the accounts to log into ASDM. All of this was done through CLI. What could i have overlooked, any ideas? thanks.

htarra · ‎07-17-2007

Please click the below URL for not Denied SSH Access.

http://www.cisco.com/en/US/tech/tk583/tk617/technologies_tech_note09186a0080094314.shtml#intro

Richard Burts · ‎07-17-2007

Henry

This is an interesting link. But it is specifically about configuring SSH for Catalyst switches and the original post was about problems with SSH on an ASA not on a Catalyst.

Does the configuration of the ASA identify the address ranges allowed to access the ASA via SSH?

If you attempt access via SSH and it fails are there any entries in the logs about this?

HTH

Rick

HTH

Rick

minumathur · ‎07-17-2007

Hi Brad

First of all check , Your IOS support SSH feature or not, if yes, you need to enable ssh on device, i belive when you are doing this, it will not in running config .For vafication you need to put commnand below

show ip ssh ....i belive,

please rate this post if help

-Minu

andy-gerace · ‎07-17-2007

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008069bf1b.shtml

That should have what you need.

usasigcis · ‎06-22-2013

what does the "debug ssh" shows, when the ssh fails?

also check if the host is in the access-list

ssh x.x.x.x m.m.m.m INSIDE/OUTSIDE

and

aaa authentication ssh console LOCAL

if you re using local credentials

last but not least try zeroizing rsa modulus key and re generate.

abjohnson · ‎09-28-2020

This solved the problem for me. I just needed to enable ssh with the aaa command.