PAM Auto login failed using Telnet Access to Cisco Devices

Document ID : KB000105729
Last Modified Date : 09/07/2018
Show Technical Document Details
Issue:
I have configured Cisco Devices for Telnet access and assigned correct target account in the Policy setup so user can access directly via PAM. However, auto login failed.

Failed Auto Login - Telnet Access

Application setup is using cisco target connector and regular expression within the script processor fields had been adjusted to match the Telnet login prompt, but the problem is persisted. Notice that the login prompt is 'username:', all in lower cases.
Environment:
All PAM versions
Cause:
For auto login to work using Telnet access PAM required the following login prompt.
   Username:

Notice that it has capital 'U' in the 'Username:' prompt. Cisco target connector type makes no bearing to this auto login issue. This target connector is being used to verify or update password in the device. So the regular expression setup will not address this auto login issue.

 
Resolution:
Unfortunately this is hard-coded within PAM and to address this issue we should change the configuration of the Cisco device so it gives above Telnet login prompt as required.
The recommendation is to use more secure SSH access rather than Telnet access.