故障现象:
ssh登录不成功, debug radius all ,调试authenticate 通过,但是登录失败
报错1::
Apr 23 2018 11:55:51+08:00 XXZY-405-403-FW1 %%01SSH/4/SSH_FAIL(s)[19]:Failed to login through SSH. (IP=10.12.xxx.45, VpnInstanceName=default, UserName=xxxx, Times=1, FailedReason=User password authentication failed)
解决方法:
检查配置发现aaa--->domain-default 下service-type 没有包含administrator-access,修改此配置后,ssh依然不能登录,产生报错2信息
报错2:
Apr 23 2018 11:32:51+08:00 XXZY-405-403-FW1 %%01SSH/4/SSH_FAIL(s)[7]:Failed to login through SSH. (IP=10.12.xx.45, VpnInstanceName=default, UserName=xxxx, Times=1, FailedReason=The user's service type was incorrect)
解决方法:
检查发现全局模式下配置了
ssh user xxx
ssh user xxx authentication-type all
删除配置后问题解决