Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Allow privilleged users to enter into EXEC mode on login not working with public keys

Hi,

I have recently updated one of my Cisco ASA to v9.2(1) and noticed a function to get the perform authorization for exec shell access can do a auto-enable when logging in from ssh.

The problem is that if I use a private/public key authentication with a user it won't do the auto-enable feature. If I login without keys and using my password, it jumps into privilleged exec mode as it should.

Anyone else had this issue?

Config:

aaa authentication ssh console LOCAL
aaa authorization exec LOCAL auto-enable

username user password xxxxxx encrypted privilege 15
username user attributes
 ssh authentication publickey 22:af:xxxxxx hashed

Any answer will be highly appreciated. 

 

P.S I'm totally new in this forum.

  • Firewalling
6 REPLIES
New Member

I have the exact same problem

I have the exact same problem on 9.2(2)4.  If I use the key, auto-enable doesn't work; if I force password authentication, it does.

Cisco Employee

Would you be able to open a

Would you be able to open a TAC SR and once you do , Email me the SR no and i will look into this issue.

vamrodia@cisco.com

Thanks and Regards,

Vibhor Amrodia
 

New Member

We're in the middle of a big

We're in the middle of a big cut-over, so it'll have to wait a week or so for me... feel free to send me a message or reply again here. I'll do my best to remember!

Cisco Employee

Hi,Once , you get a SR opened

Hi,

Once , you get a SR opened , please drop me an email :- vamrodia@cisco.com and i will take the ownership for that issue.

Thanks and Regards,

Vibhor Amrodia

New Member

Hi ajreichow, did you ever

Hi Vibhor Amrodia,

 

did you ever come across this issue, was this resolved. I can escalate a case but would be a wast of resource if this has been fixed..

clinet is getting this

Privileged Users to Enter Into EXEC Mode on Login Failing with Public Keys on Cisco ASA

 

and currently on 9.3.1

thanks in advance

Lance

New Member

I haven't forgotten about

I haven't forgotten about this... Going to try to get a case opened next week.

412
Views
0
Helpful
6
Replies