This post is more than 5 years old
23 Posts
0
43504
5324 SSH running but not prompting for password, and not running through my firewall
I've picked up a Dell Powerconnect 5324 off ebay and wiped the configs, updated the firmware and got it mostly set up for what my needs are but I'm not sure why SSH while enabled and working locally in the same subnet as the vlan ip has the following two problems:
1. SSH works but only asks for "login as:" then "User Name:" and never prompts for password. It goes straight to an enable prompt
2. I can't get it to work through my firewall's DNAT. This isn't critical but I removed the access-list I had just to test and still no go.
Here's my config:
interface port-channel 1
description Fiber4GE
flowcontrol auto
exit
interface port-channel 2
description Copper2GE
flowcontrol auto
exit
interface port-channel 1
switchport mode trunk
exit
interface port-channel 2
switchport mode trunk
exit
interface range ethernet g(19-20)
switchport mode trunk
exit
vlan database
vlan 96,172,192
exit
interface ethernet g1
switchport access vlan 96
exit
interface range port-channel (1-2)
switchport trunk allowed vlan add 96
exit
interface range port-channel (1-2)
switchport trunk allowed vlan add 172
exit
interface range ethernet g(2-18)
switchport access vlan 192
exit
interface range port-channel (1-2)
switchport trunk allowed vlan add 192
exit
interface ethernet g1
switchport forbidden vlan add 192
exit
interface vlan 96
name Comcast
exit
interface vlan 172
name iSCSI-SAN
exit
interface vlan 192
name Network
exit
interface range ethernet g(19-20)
channel-group 2 mode auto
exit
interface range ethernet g(21-24)
channel-group 1 mode auto
exit
interface vlan 192
ip address 192.168.1.251 255.255.255.0
exit
line console
exec-timeout 20
exit
line ssh
exec-timeout 20
exit
line ssh
password ***redacted*** encrypted
exit
line console
password ***redacted*** encrypted
exit
enable password level 15 ***redacted*** encrypted
username admin password ***redacted*** encrypted
username davery password ***redacted*** level 15 encrypted
ip ssh server
ip https server
clock timezone -8
sntp client enable vlan 192
clock source sntp
sntp unicast client enable
sntp unicast client poll
sntp server 192.168.1.1 poll
ip domain-name local.dom
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
February 28th, 2014 05:00
I think i see whats missing, need to add this command for it to prompt for the password.
console(config)# aaa authentication login default line
console(config)# line ssh
console(config-line)# login authentication default
let me know if that works
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
February 27th, 2014 13:00
I would try adding these commands:
#crypto key generate dsa
#crypto key generate rsa
#ip ssh pubkey-auth
Then test again.
davery23
23 Posts
0
February 27th, 2014 16:00
I had dsa and rsa keys generated already and then once I ran
ip ssh pubkey-auth
I disconnected and went to log back in but now my PuTTY SSH sessions are greeted with:
Disconnected: No supported authentication methods available (server sent: publickey)
I went in the registry and deleted my cached key, but still the same result. Now I'll have to wait until I get off work to hook up to the console and undo that command :'(
In the meantime any other idea's why it doesn't prompt for password?
I was assuming the
line ssh
password ***redacted*** encrypted
would be what I would have to enter rather than just my username ^.^
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
February 28th, 2014 07:00
Excellent, glad to hear it.
davery23
23 Posts
0
February 28th, 2014 07:00
That was it!
Thank you!!! :)