Establishing A Connection To An Scp Server - HP MSR Series Configuration Manual
Hpe flexnetwork msr router series
Hide thumbs
Also See for MSR Series:
- Configuration manual (889 pages) ,
- Command reference manual (684 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
•
SSH supports locally generated DSA and RSA key pairs only with default names.
•
The SCP client operating in FIPS mode supports only RSA key pairs. Do not generate local
DSA key pairs when the device operates as an SCP client in FIPS mode.
•
The key modulus length must be less than 2048 bits when you generate a DSA key pair.
Configuration procedure
To generate local DSA or RSA key pairs on the SCP client:
Step
1.
Enter system view.
2.
Generate local DSA or RSA
key pairs.
Establishing a connection to an SCP server
When you try to access an SCP server, the device must use the server's host public key to
authenticate the server. If the server's host public key is not configured on the device, the device will
notify you to confirm whether to continue with the access.
•
If you choose to continue, the device accesses the server and downloads the server's host
public key.
•
If you choose to not continue, the connection cannot be established.
In an insecure network, Hewlett Packard Enterprise recommends that you configure the server's
host public key on the device.
To establish a connection to an IPv4 SCP server:
Task
Connect to an IPv4 SCP
server, and transfer files
with the server.
To establish a connection to an IPv6 SCP server:
Command
system-view
public-key local create { dsa |
rsa }
Command
•
In non-FIPS mode:
scp server [ port-number ] [ vpn-instance
vpn-instance-name ] { put | get } source-file-name
[ destination-file-name ] [ identity-key { dsa | rsa } |
prefer-compress zlib | prefer-ctos-cipher { 3des |
aes128 | aes256 | des } | prefer-ctos-hmac { md5 |
md5-96 | sha1 | sha1-96 } | prefer-kex
{ dh-group-exchange | dh-group1 | dh-group14 } |
prefer-stoc-cipher { 3des | aes128 | aes256 | des } |
prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 }]
* [ publickey keyname | source { interface
interface-type interface-number | ip ip-address } ] *
•
In FIPS mode:
scp server [ port-number ] [ vpn-instance
vpn-instance-name ] { put | get } source-file-name
[ destination-file-name ] [ identity-key rsa |
prefer-compress zlib | prefer-ctos-cipher { aes128 |
aes256 } | prefer-ctos-hmac { sha1 | sha1-96 } |
prefer-kex dh-group14 | prefer-stoc-cipher
{ aes128 | aes256 } | prefer-stoc-hmac { sha1 |
sha1-96 }] * [ publickey keyname | source
{ interface interface-type interface-number | ip
ip-address } ] *
407
Remarks
N/A
By default, no DSA or RSA key
pairs exist on an SCP client.
Remarks
Available in user
view.
- Quick Links:
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
