General operating rules and notes

  • Public keys generated on an SSH client must be exportable to the switch. The switch can store 10 client key pairs.

  • The switch's own public/private key pair and the (optional) client public-key file are stored in the switch's flash memory and are not affected by reboots or by the erase startup-config command.

  • Once you generate a key pair on the switch, avoid regenerating it without a compelling reason. If you do regenerate it, you must re-introduce the switch's public key on all management stations (clients) that you previously set up for SSH access to the switch. In some situations this can temporarily allow security breaches.

  • The switch does not support outbound SSH sessions. Thus, if you Telnet from an SSH-secure switch to another SSH-secure switch, the session is not secure.

  • With SSH running, the switch allows one console session and up to five other sessions (SSH and/or Telnet).
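
The rule above about regenerating the switch key pair, seen from a management station: this added example (not part of the original manual) classifies the key a switch offers against the fingerprints already pinned for it, so a regenerated key is flagged for out-of-band verification rather than accepted silently. It assumes OpenSSH-format known_hosts lines with unhashed host names; the host names, addresses and key blobs are constructed placeholders.

```python
import base64
import hashlib

def fingerprint(b64_blob):
    """SHA256 fingerprint of a base64 public-key blob, as OpenSSH prints it."""
    digest = hashlib.sha256(base64.b64decode(b64_blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_known_hosts(text):
    """Map each host name/address to the set of fingerprints pinned for it."""
    pins = {}
    for line in text.splitlines():
        fields = line.split()
        # Skip blanks, comments, short lines, hashed hosts (|1|...) and @markers.
        if len(fields) < 3 or fields[0][0] in "#|@":
            continue
        for host in fields[0].split(","):
            pins.setdefault(host, set()).add(fingerprint(fields[2]))
    return pins

def check_host_key(pins, host, offered_blob):
    """Classify the key a switch offers: 'match', 'changed' or 'unknown'."""
    if host not in pins:
        return "unknown"      # first contact: verify the fingerprint out of band
    if fingerprint(offered_blob) in pins[host]:
        return "match"
    return "changed"          # regenerated key or impostor: do not auto-accept

def sample_blob(seed):
    """Constructed placeholder blob (not a real key); enough to fingerprint."""
    return base64.b64encode(b"\x00\x00\x00\x07ssh-rsa" + seed).decode()

OLD_KEY = sample_blob(b"constructed-key-before-regeneration")
NEW_KEY = sample_blob(b"constructed-key-after-regeneration")
KNOWN_HOSTS = (
    "# constructed sample known_hosts\n"
    f"switch1.example.net,192.0.2.10 ssh-rsa {OLD_KEY}\n"
)

if __name__ == "__main__":
    pins = parse_known_hosts(KNOWN_HOSTS)
    for host, key in [("192.0.2.10", OLD_KEY),
                      ("switch1.example.net", NEW_KEY),
                      ("switch2.example.net", NEW_KEY)]:
        print(host, check_host_key(pins, host, key), fingerprint(key))
```

A "changed" result is the point at which the new fingerprint should be compared with the one read from the switch over a trusted path before the pin is updated.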