cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
467
Views
0
Helpful
6
Replies

ssh implementation

glen.grant
VIP Alumni
VIP Alumni

We are setting up ssh but the thing I don't like when using tacacs , it no longer prompts you for your username it only asks for the password , somehow the username gets sent and then it just asks for the password. This becomes confusing because you do not know if it asking for a tacacs password or the box login and enable secret passwords . Anyone know if there is a way around this so that it will ask for both the username and password for tacacs . The behavior appears to be the same for both IOS and catos . Any help appreciated, thanks.....

1 Accepted Solution

Accepted Solutions

Glen

I am thinking that this behavior is dependent on the SSH client. I can not speak to the behavior of any client on solaris but I do know that when I use SecureCRT as my SSH client it always prompts me for user name as well as password. And whenever I have logged in on a Cisco device and authenticated with user name and password, then if I use the SSH client included in the Cisco it seems that it already knows what user ID authenticated that user session and uses that ID for the outbound SSH and only prompts for the password.

I do not believe that this is a TACACS behavior but believe it is the behavior of the client in Cisco. I am not aware of any way to change that behavior of the SSH client in Cisco.

HTH

Rick

HTH

Rick

View solution in original post

6 Replies 6

yjdabear
VIP Alumni
VIP Alumni

Where are you ssh'ing from (OS and SSH version)?

From any IOS version and we are using version 1 of SSH . I was mainly goimng from a solaris box but get the same thing sshing from another cisco IOS box.

Glen

I am thinking that this behavior is dependent on the SSH client. I can not speak to the behavior of any client on solaris but I do know that when I use SecureCRT as my SSH client it always prompts me for user name as well as password. And whenever I have logged in on a Cisco device and authenticated with user name and password, then if I use the SSH client included in the Cisco it seems that it already knows what user ID authenticated that user session and uses that ID for the outbound SSH and only prompts for the password.

I do not believe that this is a TACACS behavior but believe it is the behavior of the client in Cisco. I am not aware of any way to change that behavior of the SSH client in Cisco.

HTH

Rick

HTH

Rick

I agree with Rick. When i use a SSH client like putty it always prompts me for a username and password when the device is configured for Tacacs and SSH.

When initiatd from the Cisco IOS device, it does not prompt the username.

Narayan

Thanks guys , thats what I kind of figured but wanted to verify . To be honest I'll take telnet anyday. :-)

When you ssh from Solaris, the OpenSSH client defaults to using the username of your current Solaris session. You can explicitly specify what username SSH should use with "ssh -l username routername" or "ssh username@routername".

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: