Nick nailed it, thanks. :) The tech that built this firewall missed this line: aaa authentication ssh console LOCAL
Network Engineer, JNCIS-M > 214-981-1954 (office) > 214-642-4075 (cell) > jbrash...@hq.speakeasy.net http://www.speakeasy.net -----Original Message----- From: Nick Griffin [mailto:nick.jon.grif...@gmail.com] Sent: Tuesday, July 14, 2009 9:16 AM To: Jonathan Brashear Cc: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] ASA ssh difficulties Make sure ssh is setup for location authentication and possibly regenerate your ssh keys: this is what I usually do: crypto key generate rsa general modul 2048 aaa authentication telnet console LOCAL aaa authentication ssh console LOCAL aaa authentication http console LOCAL aaa authentication serial console LOCAL Nick Griffin, CCIE #17381 Systems Consultant Alexander Open Systems Direct 479.899.6830 ext 2609 AOS Scheduling - 417.888.2675 On Tue, Jul 14, 2009 at 9:05 AM, Jonathan Brashear <jonathan.brash...@hq.speakeasy.net> wrote: I'm a bit stumped on an issue I'm having with a particular 5505. Originally it was inaccessible via ASDM or SSH, but after a reboot it began to allow access via ASDM. However, SSH is still not working. I've verified that the username/pass is correct(it works through the ASDM) and that SSH access is allowed from the relevant IP range(I get to a password prompt), but it refuses to accept known good passwords from multiple accounts. It thinks the password is bad, but only when done via SSH. I haven't run into this issue with other ASAs that are configured identically and I can login to the other ASAs from the same terminal window so it shouldn't be something to do with my terminal emulation. Any thoughts on why this may be happening? Network Engineer, JNCIS-M > 214-981-1954 (office) > 214-642-4075 (cell) > jbrash...@hq.speakeasy.net http://www.speakeasy.net _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/