Guest

Preview Tool

Cisco Bug: CSCub21940 - "feature sftp-server" only works with "admin" user account even with AAA

Last Modified

Feb 03, 2016

Products (1)

  • Cisco 1000 Series Connected Grid Routers

Known Affected Releases

5.2(1)CG2(0.232)

Description (partial)

Symptom:
If "feature scp-server" is enabled, only the admin user can log into the CGR. 

With "feature sftp-server" enabled (which uses the SSHd mechanism), only the "admin" user account can be used to log into the CGR. When using a valid set of credentials that exist in the AAA server, no other user can be used. This means that the "admin" user account has to be replicated in the external AAA database which may violate some company's security policy since it is a "known" username and some AAA servers treat this account differently than others.

The normal SSH process allows valid AAA user credentials.


Conditions:
"feature scp-server" is enabled
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.