Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ssh for admin context

Hi Guys,

Here is the config uration of my admin context on asa 5585 with 8.4 version

hostname FW-MAIN


enable password xxxxxxxx encrypted

passwd xxxxxxx encrypted


name xx-A

name xx-B

name xx-C


interface Management0/0

nameif management

security-level 70

ip address


dns server-group DefaultDNS


pager lines 24

logging enable

logging asdm informational

mtu management 1500

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

route management xx-A 1

route management xx-B 1

route management xx-C 1

timeout xlate 3:00:00

timeout pat-xlate 0:00:30

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

user-identity default-domain LOCAL

aaa authentication ssh console LOCAL

aaa authentication http console LOCAL

http server enable

http management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet timeout 5

ssh management

ssh timeout 5

no threat-detection statistics tcp-intercept

username admin password 3XRCbLw8F0tIVe6e encrypted privilege 15


class-map inspection_default

match default-inspection-traffic



policy-map type inspect dns preset_dns_map


message-length maximum client auto

message-length maximum 512

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

inspect ftp

inspect h323 h225

inspect h323 ras

inspect rsh

inspect rtsp

inspect esmtp

inspect sqlnet

inspect skinny

inspect sunrpc

inspect xdmcp

inspect sip

inspect netbios

inspect tftp

inspect ip-options


I am unable to ssh into this context, i have checked cyrpto key are configured. I am able to asdm into this context but no ssh. Please Help



ssh for admin context


Remove the entire SSH configuration and add it one more time from scratch

Then place a debug for the SSH process:

Debug SSH 255

And then provide the output to us.


Looking for some Networking Assistance? Contact me directly at I will fix your problem ASAP. Cheers, Julio Carvajal Segura
New Member

ssh for admin context

I have to set my unit to factory default and then configure my admin conext and then create crypto keys!!!!!