10 – Index
Option 82 … 8-6, 8-9
statistics … 8-6
untrusted-policy … 8-10
verify … 8-6
source port filters
configuring … 9-4
named … 9-6
operating rules … 9-4
See also named source port filters.
selection criteria … 9-3
spanning tree
edge port configuration … 3-22, 10-26
security features … 1-8
spoofing
protection against … 8-24
SSH
authenticating switch to client … 6-3
authentication, client public key … 6-2
authentication, user password … 6-2
caution, security … 6-19
cipher … 6-17
CLI commands … 6-9
client behavior … 6-15, 6-16
client public-key authentication … 6-21, 6-24
client public-key, clearing … 6-29
client public-key, creating file … 6-26
client public-key, displaying … 6-28
configuring authentication … 6-20
configuring key lengths … 6-13
crypto key … 6-11
disabling … 6-11
enable … 6-16, 7-19
enabling … 6-15
erase host key pair … 6-11
filetransfer … 6-17
generate host key pair … 6-11
generating key pairs … 6-10
host key pair … 6-11
ip-version … 6-17
key, babble … 6-12
key, fingerprint … 6-12
keys, zeroing … 6-11
keysize … 6-13
known-host file … 6-14, 6-15
mac selection … 6-18
man-in-the-middle spoofing … 6-16
messages, operating … 6-30
OpenSSH … 6-3
operating rules … 6-8
outbound SSH not secure … 6-8
password security … 6-20
password-only authentication … 6-20
passwords, assigning … 6-9
PEM … 6-3
prerequisites … 6-5
private keys not saved to configuration
file … 2-21
public key … 6-5, 6-14
public key, displaying … 6-14
public key, saving to configuration file … 2-11,
2-16
reserved IP port numbers … 6-19
security … 6-19
SSHv2…6-2
steps for configuring … 6-6
switch key to client … 6-13
terminology … 6-3
unauthorized access … 6-30
version … 6-2
zeroing a key … 6-11
zeroize … 6-11
SSL
CA-signed … 7-3, 7-15
CA-signed certificate … 7-3, 7-15
CLI commands … 7-7
client behavior … 7-17, 7-18
crypto key … 7-10
disabling … 7-9, 7-17
enabling … 7-17
erase certificate key pair … 7-9
erase host key pair … 7-9
generate CA-signed … 7-15
generate CA-signed certificate … 7-15
generate host key pair … 7-9
generate self-signed … 7-12
generate self-signed certificate … 7-9, 7-12
generate server host certificate … 7-9
generating Host Certificate … 7-8
host key pair … 7-9
key, babble … 7-12
key, fingerprint … 7-12
man-in-the-middle spoofing … 7-18
OpenSSL … 7-2
operating notes … 7-6
operating rules … 7-6
passwords, assigning … 7-7
