Just Kennie Sun, 05/24/2009 - 00:23
User Badges:

Its wont work until I enable aaa new-model.

They It will request for local login.

Attached is the error message without aaa new-model configured.

Below is my config.

hostname JUSTKENNIE

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

!

resource policy

!

ip cef

!

!

!

!

ip domain name computeIT.com

ip ssh version 2

!

!

!

username CISCO password 0 cisco

!

!

!

!

!

!

interface FastEthernet0/0

ip address 10.12.14.216 255.255.255.0

duplex auto

speed auto

!

interface FastEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

!

!

ip http server

no ip http secure-server

!

!

!

!

!

!

!

control-plane

!

!

banner login ^C ALLAH IS GREAT ^C

!

line con 0

line aux 0

line vty 0 4

no login

transport input telnet ssh

!

scheduler allocate 20000 1000



Attachment: 
johnlloyd_13 Sun, 05/24/2009 - 04:13
User Badges:
  • Blue, 1500 points or more

ssh will work with or without AAA. local login is the username and password configured on the router:


username CISCO password 0 cisco


have you tried entering the password "cisco"? kindly post show ssh and show ip ssh output.

Richard Burts Sun, 05/24/2009 - 13:56
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Actually there is a bit of a mismatch when you try to use SSH on a Cisco router without AAA new-model and with the default configuration of having a line password. The SSH wants to do a username and password but the router only wants to authenticate with a password (no username).


It is quite possible to resolve this without requiring aaa new-model. Just configure under the vty lines:

login local

this will cause the router to prompt for username and password and to use both in authentication.


HTH


Rick

Actions

This Discussion