05-21-2010 06:59 PM - edited 03-10-2019 05:09 PM
I am getting this response from my debug but am getting % authorization failed when trying to SSH. Why?
05-21-2010 07:04 PM
Can you share your config?
Do you need authorization? If not, remove the "aaa authorization" command and test if authentication works.
05-22-2010 02:12 AM
Looks like you have " aaa authorization exec default group tacacs local" in you configuration. This means that runs authorization to determine if the user is allowed to run an EXEC shell.
In order to fix this user should have privelege 15 on the tacacs server. If you are running Cisco ACS then I would suggest go to user/group setup >> tacacs shell (exec) >> Privilege 15 >> suubmit
This will fix the issue.
Regds
JK
Do rate helpful posts
05-22-2010 08:49 PM
I am using the free windows Cisco software which is hard to figure out. Here is what I have in the tac.cfg file. I don't have something correct. I get the message at the bottom when I run the tac_plus.exe -C tac.cfg command.
# CONFIGURE ENCYPTION KEY
key = VerYs3cr3taqskey
# Configure User
user = pat {
default service = permit
login = cleartext "pat"
service = exec {
priv-lvl = 15
}
}
# End file
Warning, not running as uid 0
Tac_plus is usually run as root
for user on line 4 keyword
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: