General operating rules and notes

  • Public keys generated on an SSH client must be exportable to the switch. The switch can store 10 client key pairs.

  • The switch public/private key pair and the (optional) client public-key file are stored permanently in the switch memory and are unaffected by the erase startup-config command.

  • Once you generate a key pair on the switch, you must avoid regenerating the key pair without a compelling reason. Otherwise, you must reintroduce the switch public key on all management stations (clients) you previously set up for SSH access to the switch. This can temporarily allow security breaches.

  • With SSH running, the switch allows one console session and up to five other sessions (SSH and/or Telnet).