[c-nsp] SSH Authoized Keys?
Chris Riling
criling at gmail.com
Fri May 9 14:46:59 EDT 2008
Thanks for the info! We should get someone to open a feature request...
Chris
On 5/9/08, Darryl Dunkin <ddunkin at netos.net> wrote:
>
> This is what local backup logins are for, you can revert to passwords in
> the rare case it is needed (while having the convenience the other 99.9%
> of the time). Same deal with TACACS, if your servers are unreachable,
> you can still login using a local login/password from the NVRAM.
>
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Colin Whittaker
> Sent: Friday, May 09, 2008 10:41
> To: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] SSH Authoized Keys?
>
> On Fri, May 09, 2008 at 04:59:52PM +0100, Phil Mayers wrote:
> > I've never heard a good justification from Cisco as to why. Does
> anyone
> > know if a bug/feature request was ever opened?
>
> The answer I have heard from Cisco is that doing so would place a
> runtime dependancy on the storage.
> It is reasonably safe to erase the nvram and format the flash on a
> running box. If your authorised keys file was on the flash or nvram then
> it failing would lock you out of the device.
>
> You could put the keys into the config but the config could get messy.
>
> Colin
> --
> Colin Whittaker +353 (0)86 8211 965
> http://colin.netech.ie colin at netech.ie
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list