Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Nexus 5548UP TACACS+ and 1 user local with RSA key

I would like to know if it's possible to use TACACS+ for all SSH users connetions to a Nexus 5548UP except one connection from a server local with no password but with a an rsa cert?  If yes, do you have a procedure or a document that explain that?

Everyone's tags (3)
2 REPLIES
Cisco Employee

Nexus 5548UP TACACS+ and 1 user local with RSA key

Yes you can.. I normally have it set up this way in our lab. I login via key based authentication while rest of our team uses TACACs

1)Copy the key to the switch bootflash

2)And here is my config for my key-based authentication.

24.10.5020A.1# sh run | inc prkrishn

username prkrishn password 5 !  role network-admin

username prkrishn sshkey ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDDk3UqsrGcFZXSNrugBAJaTz6TfVYJbE0+TCJTFf1Z5vScU0lmEPGHCl8tu9+Inb0T+8aZCZerqK2aQs94Dti/BjSA1XxLNj9KLKW

VuBe/01eVKTvXNv2nb1fvAAiHfOsPmL8whP/ZksmyMD2Vxee5nFv0iJhG4bYclKBXNSHRXQ== prkrishn@dhcp-64-102-157-203.cisco.com

Community Member

Nexus 5548UP TACACS+ and 1 user local with RSA key

Thanks yes I found the solution last Friday and it's exactly what you mention above. It's working now.

727
Views
0
Helpful
2
Replies
CreatePlease to create content