Very important for networks that need to be highly secure
SSH Public Key Authentication on Cisco IOS
Previously I wrote about how to enable SSH access to your Cisco switch by enabling the setting in the GUI interface. This is great if you want to access your switch CLI over an encrypted connection, but it still relies on only a username and password.
If you are using this switch in a highly sensitive network that requires high security, you may want to consider enabling public key authentication for your SSH connection. For maximum security, you can enable a username/password and public key authentication for access to your switch.
In this article I will show you how to enable public key authentication on a SG300 Cisco switch and how to generate the public and private key pairs using puTTYGen. I will then show you how to log in using the new keys. Additionally, I will show you how to configure it so that you can use just the key to log in or force the user to enter a username/password along with the private key.
