Guest

Preview Tool

Cisco Bug: CSCvu09830 - Pick method list 'default' for NETCONF over SSH

Last Modified

May 14, 2020

Products (1)

  • Cisco IOS

Known Affected Releases

16.12.3 17.1.1

Description (partial)

Symptom:
Enable AAA authentication debugs:
<div style="font-family:courier;white-space:pre;">
Router# debug aaa authentication 
</div>

Use NETCONF over SSH:
<div style="font-family:courier;white-space:pre;">
Client:
ssh -2 -p 830 -s user@1.2.3.4 netconf
</div>

The logs display that the 'default' method list is used:
<div style="font-family:courier;white-space:pre;">
AAA/AUTHEN/LOGIN (00000000): Pick method list 'default' 
</div>

Conditions:
Use AAA, don't apply the default method list, use any other type of method instead:
<div style="font-family:courier;white-space:pre;">
Router#show run | sec aaa
aaa new-model
aaa authentication login default local
aaa authentication login custom group tacacs+ local
aaa authorization exec default local 
aaa authorization exec custom group tacacs+ local 
aaa session-id common

Router#show run | sec vty
line vty 0 4
 login authentication custom
 rotary 1
 transport input all
line vty 5 15
 rotary 1
</div>
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.