Since EOS runs a non-standard shell FastCli (as I see on
$ rsync -avz admin@arista:/tmp/myfile.txt . admin@arista's password: protocol version mismatch -- is your shell clean? (see the rsync man page for an explanation) rsync error: protocol incompatibility (code 2) at compat.c(174) [Receiver=3.0.9] $ ssh admin@arista /bin/true admin@arista's password: > /bin/true % Invalid input at line 1
This works as long as you connect directly in a privileged shell. By default you don’t, and you need to run the “enable” command first. One way to land directly in a privileged shell for a locally defined user is to make sure the user is configured with the “privilege 15” option.
e.g. the running config should contain this: username foo privilege 15 secret … instead of: username foo secret …
I have this issue specifically with sftp and my user account does have priv 15 configured.
Mikes-MacBook-Pro:.ssh mcotrone$ sftp email@example.com
username mcotrone privilege 15 secret 5 <snipped>
Am I missing anything else?
In order to use SCP/SFTP, users need to be at enable level already (you have that with ”privilege 15”) and have explicit exec authorization for the user type in question (i.e. local or group). Since I am assuming you are using local auth, all you should need to do is add:
aaa authorization exec default local
Andrei perfect and thank you!
How would we authorize an account to have sftp privileges using TACACS/Radius?
These are my settings and I still receive the error message above:
Post your Answer
You must be logged in to post an answer.