IOS SSH AAA help!!

Answered Question
May 5th, 2009

Hi All,

I have this config:

aaa authentication login default local line enable

aaa authorization console

aaa authorization exec default local

aaa authorization network default local

line vty 0 4

password Gr834!

transport preferred ssh

transport input ssh

transport output ssh

then create username "admin" with privilege 15. But I can't login to SSH with this username and password? I've already generated public key on the router.

any idea would be very appreciated.

thanks

Alex

Correct Answer by nomair_83 about 7 years 9 months ago

try this:

username cisco password cisco

enable secret cisco

ip domain-name nsp.org

crypto key genrete rsa 1024

ip ssh version 2

line vty 0 4

transport input all

exit

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
nomair_83 Wed, 05/06/2009 - 01:11

try this:

username cisco password cisco

enable secret cisco

ip domain-name nsp.org

crypto key genrete rsa 1024

ip ssh version 2

line vty 0 4

transport input all

exit

bretjaquish@hot... Thu, 05/07/2009 - 09:11

Here is a complete ssh config that doesn't need a hostname or domain name:

crypto key gen rsa gen label SSH_Keys mod 1024

ip ssh ver 2

ip ssh authentication-retries 3

ip ssh time-out 90

ip ssh source-interface loopback0

username test secret p@ssw0rd

enable secret s3cr3tPassw0rd!

aaa new-model

aaa authentication login default local

aaa authentication enable default enable

line vty 0 4

transport input ssh

I would recommend AGAINST creating level 15 usernames.

Actions

This Discussion