Forum Discussion
jaikumar_f5
Feb 12, 2019MVP
Hi Brian,
TACACS does not provide direct shell access - bash mode. For a ssh keyless login to work, it require to land in shell mode - bash. Only local user accounts land in direct bash. Remote roles always land in tmsh shell. One has to run 'bash or run until bash' from tmsh to get into bash.
With that being said, you can't configure a TACACS user to do keyless login. You would need to create a local user account, like root an admin accounts. They authenticate locally on the box.
Let's say for ansible you have created an account - ansibleops.
Do you see ansibleops in the auth user list and localuser file.
tmsh list auth user ansibleops
cat /config/bigip/auth/localusers
If tmsh list shows ur ansibleops, and localuser doesn't. You have to add ur ansibleops in that file.