Configuring Secure Shell (SSH)
General Operating Rules and Notes
General Operating Rules and Notes
■ Public keys generated on an SSH client must be exportable to the switch.
The switch can only store 10 client key pairs.
■ The switch’s own public/private key pair and the (optional) client public
key file are stored in the switch’s flash memory and are not affected by
reboots or the erase startup-config command.
■ Once you generate a key pair on the switch you should avoid re-generating
the key pair without a compelling reason. Otherwise, you will have to re-
introduce the switch’s public key on all management stations (clients)
you previously set up for SSH access to the switch. In some situations this
can temporarily allow security breaches.
■ The switch does not support outbound SSH sessions. Thus, if you Telnet
from an SSH-secure switch to another SSH-secure switch, the session is
not secure.
❥ With SSH running, the switch allows one console session and up to five
other sessions (SSH and/or Telnet).
7-7
