This is what local backup logins are for, you can revert to passwords in the rare case it is needed (while having the convenience the other 99.9% of the time). Same deal with TACACS, if your servers are unreachable, you can still login using a local login/password from the NVRAM.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Colin Whittaker Sent: Friday, May 09, 2008 10:41 To: cisco-nsp@puck.nether.net Subject: Re: [c-nsp] SSH Authoized Keys? On Fri, May 09, 2008 at 04:59:52PM +0100, Phil Mayers wrote: > I've never heard a good justification from Cisco as to why. Does anyone > know if a bug/feature request was ever opened? The answer I have heard from Cisco is that doing so would place a runtime dependancy on the storage. It is reasonably safe to erase the nvram and format the flash on a running box. If your authorised keys file was on the flash or nvram then it failing would lock you out of the device. You could put the keys into the config but the config could get messy. Colin -- Colin Whittaker +353 (0)86 8211 965 http://colin.netech.ie [EMAIL PROTECTED] _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/