The no include-credentials store-in-config option

The no include-credentials command disables include-credentials. Credentials continue to be stored in the active and inactive configurations, but are not displayed in the config file.

When no include-credentials is used with the store-in-config option, include-credentials is disabled and the credentials stored in the config files are removed. The switch is restored to its default state and only stores one set of operator/manager passwords and SSH keys.

If you choose to execute the no include-credentials store-in-config command, you are also presented with the option of setting new switch passwords.

You are queried about retaining the current SSH authorized keys on the switch. If you enter “y”, the currently active authorized key files are renamed to the pre-include-credentials names, for example:

/file/mgr_auth_keys.2 -> /file/mgr_auth_keys

/file/authorized_keys.2 -> /file/authorized_keys

All remaining authorized keys files with an extension are deleted.

The no include-credentials store-in-config messages and options

switch(config)# no include-credentials store-in-config

This will remove any switch passwords and inactive SSH authorized keys from all
configuration files. This will also restore the functionality to store only a
single set of passwords and authorized keys on the switch.
Do you want to continue (y/n)? y

The SSH authorized keys associated with the active configuration will be deleted.
Would you like to retain these as the switch global SSH authorized keys (y/n)? y

Do you want to set new switch passwords (y/n)? y

operator username: admin
operator password: ********
Confirm password: ********
manager username: GeorgeV
manager password: ********
Confirm password: ********

HP Switch(config)#