Local authentication overview
Authentication identifies users, validates their credentials, and grants switch access. Local authentication is either password-based or SSH public key-based.
Password-based local authentication
Validates users with local user name and password credentials
Is supported on all interfaces/channels (SSH, WebUI, Console, REST)
Is enabled by default but can be superseded by remote authentication or with SSH client using SSH public key authentication
SSH public key-based local authentication
Validates users identified with SSH public keys stored in the local user database
Is supported on the SSH interface/channel with SSH client
Takes precedence over password-based authentication whether local or remote
Is enabled by default (also requires key configuration to work)