For certain switches in enhanced secure mode, all sensitive files are protected. The home directory for enhanced secure mode is /intflash/shared. You cannot access any sensitive files using Telnet, SSH, FTP, SFTP, TFTP, and SCP connections. For more information, see Sensitive File Protection.
The following table lists the access levels and file names you can use for storing the SSH client authentication information using RSA.
Client key format or WSM |
Access level |
File name |
---|---|---|
Client key in IETF format with enhanced secure mode disabled. |
RWA |
/flash/.ssh/rsa_key_rwa |
RW |
/flash/.ssh/rsa_key_rw |
|
RO |
/flash/.ssh/rsa_key_ro |
|
L3 |
/flash/.ssh/rsa_key_rwl3 |
|
L2 |
/flash/.ssh/rsa_key_rwl2 |
|
L1 |
/flash/.ssh/rsa_key_rwl1 |
|
Client key with enhanced secure mode enabled Note: Exception: does not apply to VSP 8600
Series.
|
administrator |
/intflash/shared/rsa_key_admin |
operator |
/intflash/shared/rsa_key_operator |
|
security |
/intflash/shared/rsa_key_security |
|
privilege |
/intflash/shared/rsa_key_priv |
|
auditor |
/intflash/shared/rsa_key_auditor |
|
Client key with enhanced secure mode enabled Note: Exception: only applies to VSP 8600
Series.
|
administrator |
/intflash/.ssh/rsa_key_admin |
operator |
/intflash/.ssh/rsa_key_operator |
|
security |
/intflash/.ssh/rsa_key_security |
|
privilege |
/intflash/.ssh/rsa_key_priv |
|
auditor |
/intflash/.ssh/rsa_key_auditor |
|
administrator |
/intflash/.ssh/rsa_key_admin |