Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

autocommand not working

Trying to configure a user to be able to login via ssh and only see the router's configs. Router in question is a 2801 running IOS Version 12.4(15)T1.

Using local username database, no aaa new-model.

VTYs configured as follows:

line vty 0 4

login local

transport input ssh

User configured like so:

username dummy priv 15 secret 0 XXXXXXX

username dummy noescape autocommand sh run

When dummy logs in, no config is shown and he gets privileged exec mode prompt.

Jim Moore

7 REPLIES
Silver

Re: autocommand not working

To automatically execute a command when a user connects to a particular line, use the "AUTOCOMMAND" command in line configuration mode. To disable the automatic execution, use the no form of this command.

For more information on using this command refer the following URL:

http://www.cisco.com/en/US/docs/ios/12_3/termserv/command/reference/ter_a1g.html#wp998780

New Member

Re: autocommand not working

Not what I"m after. I want the automatic command to be invoked only for a specific user, not for anyone connecting to a particular line. Furthermore, with my configuration and IOS combination, neither works:

config 1:

username dummy priv 15 secret 0 dummy1

line vty 0 4

login local

autocommand show running-config

transport input ssh

config 2:

username dummy priv 15 secret 0 dummy1

username dummy autocommand show running-config

...

line vty 0 4

login local

transport input ssh

In either case, when dummy logs in he gets the

privileged exec command prompt, no running configuration display, and no automatic logout.

When I change the input transport to telnet, both work.

New Member

Re: autocommand not working

I am running into the same thing. Ever find an answer?

New Member

Re: autocommand not working

Yes, I got the following answer from Mauricio Oviedo of TAC:

After reading the problem description included in your SR, I understand that

you are having issues setting automatic commands for SSH sessions.

The bug CSCdz17608 causes this problem on the Router. Here are the details:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fet

chBugDetails&bugId=CSCdz17608

When user logs into the router using ssh, autocommand is not executed when

using "login local" as in following config:

username autocommand

line vty 0 4

login local

transport ssh

Workaround:

Configure aaa instead of using login local.

Example:

aaa new-model

aaa authentication login VTYS local

aaa authorization exec VTYS local

line vty 0 4

login authentication VTYS

authorization exec VTYS

Please let me know how would you like me to proceed with this case and feel

free to contact me if you have any question or doubt.

Best regards,

Mauricio Oviedo

SMB Team

Cisco Support Engineer

Email: moviedo@cisco.com

Phone: 407 241-2965 x4682

Monday through Friday 8:00 a.m. - 5:00 p.m. CDT

I verified that the fix works.

New Member

Re: autocommand not working

Thanks for the post!!!

New Member

OK, I have aaa enabled but

OK, I have aaa enabled but get the autocommand failure when just trying to show static routes. What am I doing wrong?

Line has invalid autocommand "show ip route static"

Silver

Re: autocommand not working

Hi James,

Thanks for posting the fix. I rate it a "5" and hope you continue to follow up like this as it helps everyone who uses the forum.

Best,

Paul

4676
Views
25
Helpful
7
Replies