SSH public key auth with TACACS+ enabled
I have configured TACACS+ authentication on an LTM box that is running 10.2 software - works like a charm. But I have also configured one local account and am trying to get SSH public key authentication to work. I get a log like this:
Feb 8 21:28:26 local/lb1-1 notice sshd[19611]: pam_tacplus: user not authenticated by TACACS+
Feb 8 21:28:26 local/lb1-1 crit sshd[19612]: fatal: Access denied for user test by PAM account configuration
Feb 8 21:28:26 local/lb1-1 info sshd(pam_audit)[19611]: user=test(test) partition=[All] level=Administrator tty=ssh host=x.x.x.x attempts=1 start="Wed Feb 8 21:28:26 2012" end="Wed Feb 8 21:28:26 2012".
Feb 8 21:28:26 local/lb1-1 info sshd(pam_audit)[19611]: 01070417:6: AUDIT - user test - RAW: sshd(pam_audit): user=test(test) partition=[All] level=Administrator tty=ssh host=194.126.115.33 attempts=1 start="Wed Feb 8 21:28:26 2012" end="Wed Feb 8 21:28:26 2012".
Is it by design like this?
If I disable remote authentication, then I can log in without password. Tried to change "terminal access" from advanced shell to tmsh as well, but it did not help...
Any ideas?
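
A log-triage sketch for the pattern shown in the post, added here as an example (not code from the original poster or from F5): it flags SSH logins that sshd denied "by PAM account configuration" in the same second that pam_tacplus logged the user as not authenticated by TACACS+. The sample lines are constructed in the post's log format with documentation IP addresses, and the function name is hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the post's log format; hosts are documentation addresses.
SAMPLE = """\
Feb 8 21:28:26 local/lb1-1 notice sshd[19611]: pam_tacplus: user not authenticated by TACACS+
Feb 8 21:28:26 local/lb1-1 crit sshd[19612]: fatal: Access denied for user test by PAM account configuration
Feb 8 21:28:26 local/lb1-1 info sshd(pam_audit)[19611]: user=test(test) partition=[All] level=Administrator tty=ssh host=192.0.2.10 attempts=1 start="Wed Feb 8 21:28:26 2012" end="Wed Feb 8 21:28:26 2012".
Feb 8 21:30:02 local/lb1-1 info sshd(pam_audit)[19702]: user=admin(admin) partition=[All] level=Administrator tty=ssh host=192.0.2.11 attempts=1 start="Wed Feb 8 21:30:02 2012" end="Wed Feb 8 21:35:40 2012".
"""

LINE = re.compile(r"^(?P<ts>\w{3}\s+\d+\s+[\d:]{8})\s+\S+\s+\w+\s+"
                  r"(?P<proc>[\w()]+)\[(?P<pid>\d+)\]:\s+(?P<msg>.*)$")
DENIED = re.compile(r"fatal: Access denied for user (\S+) by PAM account configuration")
AUDIT = re.compile(r"user=(\S+?)\(.*?\bhost=(\S+)")
TACACS_REJECT = "pam_tacplus: user not authenticated by TACACS+"


def find_account_stage_denials(text):
    """Return one finding per login that pam_tacplus rejected and sshd then denied."""
    tac_pids = defaultdict(set)  # timestamp -> sshd pids that logged the TACACS+ notice
    audits = {}                  # (timestamp, pid) -> (user, host) from pam_audit
    denied = []                  # (timestamp, user) from the sshd fatal line
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        ts, proc, pid, msg = m.group("ts", "proc", "pid", "msg")
        deny = DENIED.search(msg)
        audit = AUDIT.match(msg) if proc == "sshd(pam_audit)" else None
        if proc == "sshd" and msg.startswith(TACACS_REJECT):
            tac_pids[ts].add(pid)
        elif deny:
            denied.append((ts, deny.group(1)))
        elif audit:
            audits[(ts, pid)] = audit.groups()
    findings = []
    # The fatal line carries a different pid than the pam_tacplus notice in the
    # post's logs, so join on timestamp, then confirm the user via pam_audit.
    for ts, user in denied:
        for pid in sorted(tac_pids.get(ts, ())):
            if audits.get((ts, pid), (None,))[0] == user:
                findings.append({"ts": ts, "user": user, "host": audits[(ts, pid)][1]})
    return findings


if __name__ == "__main__":
    for finding in find_account_stage_denials(SAMPLE):
        print(finding)
```

The join is only as precise as the one-second syslog timestamps, so on a busy box treat a finding as a lead to confirm against the full log.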