Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

The SSH password aging fails to work on the router that authenticates to a TACACS+ server

Core issue

This issue is due to the presence of Cisco bug ID CSCin91851.

In this issue, when you use the router as an Secure Shell (SSH) server that authenticates to an SDI/radius backend, normal authentications work. But, neither the new PIN mode nor the Next Token mode dialogues complete successfully.

This issue is only observed in New PIN mode or Next Token mode dialogue.


For a temporary workaround, use Telnet for authentication or set virtual
terminal (vty) lines to authenticate to the Radius (non-SDI) server instead.

In order to permanently resolve this issue, upgrade the router to Cisco IOS  Software Release 12.4(10.1)T. Use the Cisco IOS Upgrade Planner in order to download the suggested image.

Cisco IOS Software Version


Cisco Secure Access Control Server (ACS)

Cisco Secure ACS Solution Engine

Cisco Secure ACS for Windows

Version history
Revision #:
1 of 1
Last update:
‎06-17-2009 10:16 PM
Updated by:
Labels (1)