Switch SSH and user password authentication

This option is a subset of full certificate authentication of the client public-key authentication shown in Client public-key authentication (login/operator level) with user password authentication (enable/manager level). It occurs if the switch has SSH enabled but does not have login access (login public-key) configured to authenticate the client’s key. As in Client public-key authentication (login/operator level) with user password authentication (enable/manager level), the switch authenticates itself to SSH clients. Users on SSH browser then authenticate themselves to the switch (login and/or enable levels) by providing passwords stored locally on the switch or on a TACACS+ or RADIUS server. However, the client does not use a certificate to authenticate itself to the switch.

Figure 89100: Switch/user authentication