AnsweredAssumed Answered

Unix authentication failing

Question asked by peerb2kk1 on Jul 28, 2015
Latest reply on Jul 29, 2015 by Joe Gregory

Hi All,

 

I've configured a Unix authentication record, with only the username and DSA private key specified (my sshd policy prevents password login). I know that these credentials work, because they're the same ones I use every day.

 

However, when I run a scan, the report always shows "Unix/Cisco IOS authentication failed for 1 host", and I see the following in the secure log:

 

Jul 28 17:13:22 ip-xxx-xxx-xxx-xxx sshd[23654]: Did not receive identification string from yyy-yyy-yyy-yyy

Jul 28 17:13:22 ip-xxx-xxx-xxx-xxx sshd[23684]: Bad protocol version identification '\026\003\001' from yyy-yyy-yyy-yyy

Jul 28 17:13:22 ip-xxx-xxx-xxx-xxx sshd[23685]: Connection closed by yyy-yyy-yyy-yyy [preauth]

Jul 28 17:13:22 ip-xxx-xxx-xxx-xxx sshd[23687]: Accepted publickey for UUUU from yyy-yyy-yyy-yyy port 58223 ssh2

Jul 28 17:13:22 ip-xxx-xxx-xxx-xxx sshd[23687]: pam_unix(sshd:session): session opened for user UUUU by (uid=0)

Jul 28 17:13:26 ip-xxx-xxx-xxx-xxx sshd[23687]: pam_unix(sshd:session): session closed for user UUUU

 

(xxx-xxx-xxx-xxx is the target IP, yyy-yyy-yyy-yyy is the scanner's IP, and UUUU is the login account.)

 

I'm not sure how to continue debugging this. Can anyone provide any pointers?

Outcomes