I am setting up a new ASA. Actually it's an old 5510, but this is a new temporary install until the one we ordered comes in. Everything is working except for SSH. I have SSH open on the inside and outside interfaces and I get a prompt when I try to SSH to it from either the inside or outside. But after I put in my username and password it tells me that my credentials are invalid. I am using a local username/password, not AAA and it accepts that username and password for the console. Console and telnet (password only) both work so I can get in to make changes. When I debug SSH, the error states that my username and password are incorrect. But this happens even when I create a new, simple username/password to test. I've even gone so far as to copy/paste the username and password into the login window just to be safe (making sure I don't copy spaces, etc). Below is a copy of the SSH Debug output followed by a sanitized copy of the config. I have AAA configured for remote VPN users, but not for access to the ASA. Also, this problem existed before I created the AAA settings for the VPN users.
Also, I have zeroized and regenerated the RSA keys a couple of times to no avail.
Device ssh opened successfully.
SSH0: SSH client: IP = '10.10.1.103' interface # = 2
SSH: host key initialised
SSH0: starting SSH control process
SSH0: Exchanging versions - SSH-1.99-Cisco-1.25
SSH0: send SSH message: outdata is NULL
server version string:SSH-1.99-Cisco-1.25SSH0: receive SSH message: 83 (83)
SSH0: client version is - SSH-2.0-SecureCRT_4.1.9 (build 278) SecureCRT
client version string:SSH-2.0-SecureCRT_4.1.9 (build 278) SecureCRTSSH0: begin server key generation
SSH0: complete server key generation, elapsed time = 620 ms
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...