Filter
Top Products
53
Enhancements
Release K.12.06 Enhancements
Operating Notes
Caution
■ When you first enter the include-credentials command to save the additional security
credentials to the running configuration, these settings are moved from internal storage on
the switch to the running-config file.
You are prompted by a warning message to perform a write memory operation to save the security
credentials to the startup configuration. The message reminds you that if you do not save the
current values of these security settings from the running configuration, they will be lost the next
time you boot the switch and will revert to the values stored in the startup configuration.
■ When you boot a switch with a startup configuration file that contains the include-credentials
command, any security credentials that are stored in internal flash memory are ignored and
erased. The switch will load only the security settings in the startup configuration file, if any.
■ In software releases earlier than K.12.06, configuration changes to some security credentials
(described in “Security Settings that Can Be Saved” on page 44) are applied immediately and
saved in internal storage (flash memory) on the switch. They do not require you to enter the
write memory command to permanently save them in the startup configuration.
However, in software release K.12.06 and greater, this switch behavior changes. Security settings
are no longer automatically saved internally in flash memory and loaded with the startup
configuration when a switch boots up. The configuration of all security credentials requires that
you use the write memory command to save them in the startup configuration in order for them
to not be lost when you log off or reboot the switch. A warning message reminds you to
permanently save a security setting, which was formerly automatically saved in internal flash,
after you configure it.
■ After you enter the include-credentials command, the currently configured manager and
operator usernames and passwords, RADIUS shared secret keys, SNMP and 802.1X
authenticator (port-access) security credentials, and SSH client public-keys are saved in the
running configuration.
Use the no include-credentials command to disable the display and copying of these security
parameters from the running configuration (using the show running-config and copy running-config
commands), without disabling the configured security settings on the switch.
After you enter the include-credentials command, you can toggle between the non-display and
display of security credentials in show and copy command output by alternately entering the no
include-credentials and include-credentials commands.