SSH access authentication failed.

Unanswered Question
Jan 30th, 2009
User Badges:

I have an asa5505 Ver 7.2(4)that I am trying to get a SSH connection with SecureCRT but I keep getting Password Authentication failed. This is what I have entered.

ssh inside

ssh version 2

username Name password Password

crypto key generate rsa

I am connecting from subnet and the ASA is in subnet

This is the debug SSH

firewall# debug ssh

debug ssh enabled at level 1

firewall# Device ssh opened successfully.

SSH0: SSH client: IP = '' interface # = 1

SSH: host key initialised

SSH0: starting SSH control process

SSH0: Exchanging versions - SSH-2.0-Cisco-1.25

SSH0: send SSH message: outdata is NULL

server version string:SSH-2.0-Cisco-1.25SSH0: receive SSH message: 83 (83)

SSH0: client version is - SSH-2.0-SecureCRT_6.1.3 (build 423) SecureCRT

client version string:SSH-2.0-SecureCRT_6.1.3 (build 423) SecureCRTSSH0: begin server key generation

SSH0: complete server key generation, elapsed time = 2310 ms


SSH2 0: SSH2_MSG_KEXINIT received

SSH2: kex: client->server aes256-cbc hmac-sha1 none

SSH2: kex: server->client aes256-cbc hmac-sha1 none

SSH2 0: expecting SSH2_MSG_KEXDH_INIT

SSH2 0: SSH2_MSG_KEXDH_INIT received

SSH2 0: signature length 143

SSH2: kex_derive_keys complete

SSH2 0: newkeys: mode 1


SSH2 0: waiting for SSH2_MSG_NEWKEYS

SSH2 0: newkeys: mode 0

SSH2 0: SSH2_MSG_NEWKEYS receivedSSH(Serv): user authen method is 'no AAA', aaa server group ID = 0

SSH(Serv): user authen method is 'no AAA', aaa server group ID = 0

SSH2 0: authentication failed for Name

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
srue Fri, 01/30/2009 - 13:09
User Badges:
  • Blue, 1500 points or more

set ssh authentication to LOCAL.

or use default username (pix?) with default password.

servnj Wed, 02/04/2009 - 11:32
User Badges:

I was able to SSH using pix and the user access mode password. How do I change the default username PIX?


brian.warner Thu, 04/18/2013 - 07:13
User Badges:

Enter this command aaa new-model

The aaa new-model command causes the local username and password on the router to be used in the absence of other AAA statements.

Or enter login local on the config of the line vty 0 15


This Discussion