Cisco Cisco Catalyst 6500 Series 7600 Series ASA Services Module 發佈版本通知
Release Notes for Cisco ASDM, 7.6(x)
First Published: 2016-03-21
Last Modified: 2016-10-24
Release Notes for Cisco ASDM, 7.6(x)
This document contains release information for Cisco ASDM Version 7.6(x) for the Cisco ASA series.
Important Notes
• The ASAv 9.5.2(200) features, including Microsoft Azure support, are not available in 9.6(1). They
are available in 9.6(2).
• ASDM 7.6(2) supports AnyConnect Client profiles in multiple context mode. This feature requires
AnyConnect Version 4.2.00748 or 4.3.03013 and later.
• (ASA 9.6(2)) Upgrade impact when using SSH public key authentication—Due to updates to SSH
authentication, additional configuration is required to enable SSH public key authentication; as a result,
existing SSH configurations using public key authentication no longer work after upgrading. Public key
authentication is the default for the ASAv on Amazon Web Services (AWS), so AWS users will see this
issue. To avoid loss of SSH connectivity, you can update your configuration before you upgrade. Or
you can use ASDM after you upgrade (if you enabled ASDM access) to fix the configuration.
existing SSH configurations using public key authentication no longer work after upgrading. Public key
authentication is the default for the ASAv on Amazon Web Services (AWS), so AWS users will see this
issue. To avoid loss of SSH connectivity, you can update your configuration before you upgrade. Or
you can use ASDM after you upgrade (if you enabled ASDM access) to fix the configuration.
Sample original configuration for a username "admin":
username admin nopassword privilege 15
username admin attributes
username admin attributes
ssh authentication publickey 55:06:47:eb:13:75:fc:5c:a8:c1:2c:bb:
07:80:3a:fc:d9:08:a9:1f:34:76:31:ed:ab:bd:3a:9e:03:14:1e:1b hashed
07:80:3a:fc:d9:08:a9:1f:34:76:31:ed:ab:bd:3a:9e:03:14:1e:1b hashed
To use the ssh authentication command, before you upgrade, enter the following commands:
aaa authentication ssh console LOCAL
username admin password <password> privilege 15
username admin password <password> privilege 15
We recommend setting a password for the username as opposed to keeping the nopassword keyword,
if present. The nopassword keyword means that any password can be entered, not that no password can
be entered. Prior to 9.6(2), the aaa command was not required for SSH public key authentication, so
the nopassword keyword was not triggered. Now that the aaa command is required, it automatically
also allows regular password authentication for a username if the password (or nopassword) keyword
is present.
if present. The nopassword keyword means that any password can be entered, not that no password can
be entered. Prior to 9.6(2), the aaa command was not required for SSH public key authentication, so
the nopassword keyword was not triggered. Now that the aaa command is required, it automatically
also allows regular password authentication for a username if the password (or nopassword) keyword
is present.
Release Notes for Cisco ASDM, 7.6(x)
1