Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
Purple

ssh implementation

We are setting up ssh but the thing I don't like when using tacacs , it no longer prompts you for your username it only asks for the password , somehow the username gets sent and then it just asks for the password. This becomes confusing because you do not know if it asking for a tacacs password or the box login and enable secret passwords . Anyone know if there is a way around this so that it will ask for both the username and password for tacacs . The behavior appears to be the same for both IOS and catos . Any help appreciated, thanks.....

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Gold

Re: ssh implementation

Glen

I am thinking that this behavior is dependent on the SSH client. I can not speak to the behavior of any client on solaris but I do know that when I use SecureCRT as my SSH client it always prompts me for user name as well as password. And whenever I have logged in on a Cisco device and authenticated with user name and password, then if I use the SSH client included in the Cisco it seems that it already knows what user ID authenticated that user session and uses that ID for the outbound SSH and only prompts for the password.

I do not believe that this is a TACACS behavior but believe it is the behavior of the client in Cisco. I am not aware of any way to change that behavior of the SSH client in Cisco.

HTH

Rick

6 REPLIES
Blue

Re: ssh implementation

Where are you ssh'ing from (OS and SSH version)?

Purple

Re: ssh implementation

From any IOS version and we are using version 1 of SSH . I was mainly goimng from a solaris box but get the same thing sshing from another cisco IOS box.

Hall of Fame Super Gold

Re: ssh implementation

Glen

I am thinking that this behavior is dependent on the SSH client. I can not speak to the behavior of any client on solaris but I do know that when I use SecureCRT as my SSH client it always prompts me for user name as well as password. And whenever I have logged in on a Cisco device and authenticated with user name and password, then if I use the SSH client included in the Cisco it seems that it already knows what user ID authenticated that user session and uses that ID for the outbound SSH and only prompts for the password.

I do not believe that this is a TACACS behavior but believe it is the behavior of the client in Cisco. I am not aware of any way to change that behavior of the SSH client in Cisco.

HTH

Rick

Re: ssh implementation

I agree with Rick. When i use a SSH client like putty it always prompts me for a username and password when the device is configured for Tacacs and SSH.

When initiatd from the Cisco IOS device, it does not prompt the username.

Narayan

Purple

Re: ssh implementation

Thanks guys , thats what I kind of figured but wanted to verify . To be honest I'll take telnet anyday. :-)

Blue

Re: ssh implementation

When you ssh from Solaris, the OpenSSH client defaults to using the username of your current Solaris session. You can explicitly specify what username SSH should use with "ssh -l username routername" or "ssh username@routername".

184
Views
0
Helpful
6
Replies
CreatePlease to create content