Local authentication overview

Authentication identifies users, validates their credentials, and grants switch access. Local authentication is either password-based or SSH public key-based.

Password-based local authentication

  • Validates users with local user name and password credentials

  • Is supported on all interfaces/channels (SSH, WebUI, Console, REST)

  • Is enabled by default but can be superseded by remote authentication or with SSH client using SSH public key authentication

SSH public key-based local authentication

  • Validates users identified with SSH public keys stored in the local user database

  • Is supported on the SSH interface/channel with SSH client

  • Takes precedence over password-based authentication whether local or remote

  • Is enabled by default (also requires key configuration to work)