Configuring SCP
Overview
Secure copy (SCP) is based on SSH2.0 and offers a secure approach to copying files.
SCP uses SSH connections for copying files. The switch can act as the SCP server, allowing a user to log
in to the switch for file upload and download. The switch can also act as an SCP client, enabling a user
to log in from the switch to a remote server for secure file transfer.
NOTE:
When the switch acts as an SCP server, only one of the FTP, SFTP or SCP user can access the switch.
Configuring the switch as an SCP server
Step
1.
Enter system view.
2.
Configure the SSH
server.
3.
Create an SSH user for a
SCP client, set the
service type to all or scp,
and specify the
authentication method.
4.
Create a user account
and assign a working
directory for the SSH
user on the switch or a
remote server if
password authentication
is used.
When you set the working directory for the user, follow these guidelines:
If only password authentication is used, the working directory specified in the ssh user command
•
does not take effect. You must set the working directory on the remote server or in the local user
account for the SSH user.
If publickey authentication, whether with password authentication or not, is used, you must set the
•
working directory in the ssh user command.
Command
system-view
For more information, see the security
guide for your switch.
ssh user username service-type { all | scp }
authentication-type { password | { any |
password-publickey | publickey } assign
publickey keyname work-directory
directory-name }
•
On the remote server (Details not
shown.)
•
On the switch:
a.
local-user
b.
password
c.
service-type ssh
d.
authorization-attribute
work-directory directory-name
212
Remarks
N/A
N/A
N/A
Skip
this
step
publickey
authentication,
whether
password
authentication
not, is used.
Make sure that the local user
account has the name username
as the username specified in the
ssh user command.
if
with
or