Welcome to the VanDyke Software Forums

Join the discussion today!

Go Back   VanDyke Software Forums > General


Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 01-22-2016, 10:59 AM
bposner bposner is offline
Registered User
Join Date: Oct 2013
Posts: 3
RSA SecurID PIN setup doesn't work under SSH session

Hey All, got a head scratch-er for ya...

We're implementing RSA SecurID 2-Factor logins for all of our Cisco gear. We currently use Cisco ACS 5.8 and TACACS+ for all of our AAA needs. We've got the RSA server and ACS talking nicely now. However, we cannot seem to get token PINs setup when using an SSH session in SecureCRT. I can use any other SSH software (OSX terminal, Putty on Windows) or a standard Telnet session but NOT an SSH session in SecureCRT.

When we setup a new token, the user connects to a switch/router with their login name and then enters just their token code as read from their hardware or soft token. The systems then processes the user as setting up their PIN and will prompt accordingly. They then enter their PIN twice, once at each prompt, and then, usually they're all set. Any subsequent logins afterwards are performed using their login name and PASSCODE (PIN + TOKENCODE).

This PIN setup process is the one that doesn't work in SecureCRT under an SSH session. Instead of getting the PASSCODE prompt we get a standard Password prompt and no PIN setup dialogs as all. This process works under a telnet session and it works in SSH for other SSH applications... very weird. Once the PIN is setup SSH under SecureCRT works fine. It's just this PIN setup that is borked.

Anyone have any ideas? I have tried enabling "Display logon prompts in the terminal window" in the Logon Actions area for a session but it didn't seem to help.

Reply With Quote

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

All times are GMT -6. The time now is 03:28 AM.