SSH access authentication failed.

Unanswered Question
Jan 30th, 2009

I have an asa5505 Ver 7.2(4)that I am trying to get a SSH connection with SecureCRT but I keep getting Password Authentication failed. This is what I have entered.

ssh 192.168.0.0 255.255.0.0 inside

ssh version 2

username Name password Password

crypto key generate rsa

I am connecting from 192.168.80.0 subnet and the ASA is in 192.168.20.0 subnet

This is the debug SSH

firewall# debug ssh

debug ssh enabled at level 1

firewall# Device ssh opened successfully.

SSH0: SSH client: IP = '192.168.80.120' interface # = 1

SSH: host key initialised

SSH0: starting SSH control process

SSH0: Exchanging versions - SSH-2.0-Cisco-1.25

SSH0: send SSH message: outdata is NULL

server version string:SSH-2.0-Cisco-1.25SSH0: receive SSH message: 83 (83)

SSH0: client version is - SSH-2.0-SecureCRT_6.1.3 (build 423) SecureCRT

client version string:SSH-2.0-SecureCRT_6.1.3 (build 423) SecureCRTSSH0: begin server key generation

SSH0: complete server key generation, elapsed time = 2310 ms

SSH2 0: SSH2_MSG_KEXINIT sent

SSH2 0: SSH2_MSG_KEXINIT received

SSH2: kex: client->server aes256-cbc hmac-sha1 none

SSH2: kex: server->client aes256-cbc hmac-sha1 none

SSH2 0: expecting SSH2_MSG_KEXDH_INIT

SSH2 0: SSH2_MSG_KEXDH_INIT received

SSH2 0: signature length 143

SSH2: kex_derive_keys complete

SSH2 0: newkeys: mode 1

SSH2 0: SSH2_MSG_NEWKEYS sent

SSH2 0: waiting for SSH2_MSG_NEWKEYS

SSH2 0: newkeys: mode 0

SSH2 0: SSH2_MSG_NEWKEYS receivedSSH(Serv): user authen method is 'no AAA', aaa server group ID = 0

SSH(Serv): user authen method is 'no AAA', aaa server group ID = 0

SSH2 0: authentication failed for Name

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
srue Fri, 01/30/2009 - 13:09

set ssh authentication to LOCAL.

or use default username (pix?) with default password.

servnj Wed, 02/04/2009 - 11:32

I was able to SSH using pix and the user access mode password. How do I change the default username PIX?

Thanks

brian.warner Thu, 04/18/2013 - 07:13

Enter this command aaa new-model

The aaa new-model command causes the local username and password on the router to be used in the absence of other AAA statements.

Or enter login local on the config of the line vty 0 15

Actions

This Discussion