SG500 - Public Key Auto-login Option Missing

Unanswered Question
Dec 18th, 2013
User Badges:

Hello,


We use a number of SG500 stacks in our office infrastructure. We now have a need to script automatic polling of these switches to extract the ethernet port descriptions. From what I have been reading, the best way to allow for unattended ssh access is to use public key authentication with automatic login. However, there does not seem to be an auto-login option.


On the CLI, ip ssh pubkey-auth option works fine, but will not suggest or accept any further arguments (where auto-login is supposed to go).


On the web GUI, users may be added and associated with public keys, but again there is no automatic login option.

Public key auth is enabled, which I have confirmed on both interfaces. The account that needs to be authorized exists and is usable via username/password auth in the local database. The auth method for all management interfaces is set to local.


What could the issue be?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Brandon Svec Thu, 12/19/2013 - 08:31
User Badges:
  • Silver, 250 points or more
  • Community Spotlight Award,

    Small Business, February 2016

Hi Christopher, I have not tried this, but it seems it should work for you:

http://blog.campodoro.org/?p=2243



-- please remember to rate and mark answered helpful posts --

Christopher Kuhn Thu, 12/19/2013 - 08:36
User Badges:

Brandon,


The entire issue I am having is that the auto-login parameter is not being recognized by the switch. It simply won't accept it as an argument.

Brandon Svec Thu, 12/19/2013 - 08:42
User Badges:
  • Silver, 250 points or more
  • Community Spotlight Award,

    Small Business, February 2016

I did just test this and it worked for me on a SG300 with 1.3.5.58.


So are you saying if you type ip ssh pubkey-auth ? you don't see auto-login?


switch706852(config)#ip ssh pubkey-auth

  auto-login           Specifies that the device management AAA                        authentication (CLI login) is not needed.

  





-- please remember to rate and mark answered helpful posts --

Christopher Kuhn Thu, 12/19/2013 - 09:00
User Badges:

As I stated in the original post, that is exactly what I am saying. In my case, it is an SG500 1.2.7.76.

Actions

This Discussion

Related Content