01-30-2009 12:50 PM - edited 03-11-2019 07:44 AM
I have an asa5505 Ver 7.2(4)that I am trying to get a SSH connection with SecureCRT but I keep getting Password Authentication failed. This is what I have entered.
ssh 192.168.0.0 255.255.0.0 inside
ssh version 2
username Name password Password
crypto key generate rsa
I am connecting from 192.168.80.0 subnet and the ASA is in 192.168.20.0 subnet
This is the debug SSH
firewall# debug ssh
debug ssh enabled at level 1
firewall# Device ssh opened successfully.
SSH0: SSH client: IP = '192.168.80.120' interface # = 1
SSH: host key initialised
SSH0: starting SSH control process
SSH0: Exchanging versions - SSH-2.0-Cisco-1.25
SSH0: send SSH message: outdata is NULL
server version string:SSH-2.0-Cisco-1.25SSH0: receive SSH message: 83 (83)
SSH0: client version is - SSH-2.0-SecureCRT_6.1.3 (build 423) SecureCRT
client version string:SSH-2.0-SecureCRT_6.1.3 (build 423) SecureCRTSSH0: begin server key generation
SSH0: complete server key generation, elapsed time = 2310 ms
SSH2 0: SSH2_MSG_KEXINIT sent
SSH2 0: SSH2_MSG_KEXINIT received
SSH2: kex: client->server aes256-cbc hmac-sha1 none
SSH2: kex: server->client aes256-cbc hmac-sha1 none
SSH2 0: expecting SSH2_MSG_KEXDH_INIT
SSH2 0: SSH2_MSG_KEXDH_INIT received
SSH2 0: signature length 143
SSH2: kex_derive_keys complete
SSH2 0: newkeys: mode 1
SSH2 0: SSH2_MSG_NEWKEYS sent
SSH2 0: waiting for SSH2_MSG_NEWKEYS
SSH2 0: newkeys: mode 0
SSH2 0: SSH2_MSG_NEWKEYS receivedSSH(Serv): user authen method is 'no AAA', aaa server group ID = 0
SSH(Serv): user authen method is 'no AAA', aaa server group ID = 0
SSH2 0: authentication failed for Name
01-30-2009 01:09 PM
set ssh authentication to LOCAL.
or use default username (pix?) with default password.
02-04-2009 11:32 AM
I was able to SSH using pix and the user access mode password. How do I change the default username PIX?
Thanks
04-18-2013 07:13 AM
Enter this command aaa new-model
The aaa new-model command causes the local username and password on the router to be used in the absence of other AAA statements.
Or enter login local on the config of the line vty 0 15
04-23-2019 08:38 PM - edited 04-23-2019 08:39 PM
Try adding:
aaa authentication ssh console LOCAL
into your config. This assumes you are not using some exterior form of authentication.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide