SSH Switch Credentials

In this section you will be able to securely store your switches SSH credentials along with set permissions per switch.


Figure 1

In the example figure 1, you can see a list of SSH Switch credential profiles showing the the many security options that you can implement.

How to add a credential profile.

(Reference Figure 2)

1 Navigate to Settings > Switch Configuration > SSH Switch Credentials

2 Tap the + icon to add a new SSH Switch Credential.

This image has an empty alt attribute; its file name is ifthen_nav-1024x736.png
Figure 2

3 Enter a name for the switch profile. (Reference Figure 3)

4 Enter the management address that would be detected via LLDP or CDP. Note: If the Pro is plugged into the switch that you are adding and it has detected the management IP via LLDP you can tap the arrow next to the address input field to auto input the management address of the switch you are plugged into.

5 Enter the username used for the SSH session with the switch.

6 If you switch requires the use of a Public Key file you can enable it in the Enable password Key toggle. Requirement: the key within the PK file will have to be imported in the PK key menu before adding this SSH switch profile.

7 Enter the password, as long as you are not using a Public Key file.

8 If you required, enable VLAN restriction via the toggle. Separate allowed VLAN ids with a comma.

8 You can disable IF/Then execution for this SSH switch profile and prevent the user the access of running IF/THEN Templates on the switch in question.

9 You can enable the use of IF/THEN manual switch selection for this SSH Switch profile.

10 Per the SSH Switch profile, you can disable or enable log saving to the history entry. This can be used to prevent the end-user from having access to data that they are not authorized to have access to.

11 You have the ability to disable or enable writing running-config to startup-config via the Save to startup config toggle.

12 If you do not want the user to have access to be able to export this switch creational profile enable the Disable export toggle.

13 Select which switch os that the switch you will be connecting to is running. If the switch os is not listed, select generic and you will be able to build your own custom IF/THEN statement for the given switch syntax.

This image has an empty alt attribute; its file name is add-step-1024x736.png
Figure 3

How to export all switch credentials.

(Reference Figure 4)

1 Within the SSH Switch credentials menu, tap the up arrow on the top left menu.

2 Select Yes or No to disable all future exports for this SSH switch profile once it is imported to another Pro.

Figure 4

How to Import a credentials.

1 Navigate to the SSH switch credentials menu and tap on the down arrow button.

2 In the “Import SSH Credentials” menu tap on “Choose File” to browse for the Credential import file. File ext ne1cred.

3 Enter in the password for this creditaln import file.

4 Tap the “Import” button to start the import process in the background.

5 Now all of the credentials and credential profile settings will be imported in the background. You should see the credential count on the top of the menu increase as the import runs.

Note: If there is an SSH credential entry with the same management IP address already in the netool’s credential database, then this previous entry will be overwritten.