HP 6125XLG Configuration Manual page 145
Blade switch security configuration guide
Hide thumbs
Also See for 6125XLG:
- Layer 3 - ip routing configuration manual (492 pages) ,
- Command reference manual (466 pages) ,
- Configuration manual (414 pages)
Table of Contents
Advertisement
When an SFTP client accesses an SFTP server, it uses the locally saved host public key of the server to
authenticate the server. When acting as an SFTP client, the device supports the first authentication by
default. When the device accesses an SFTP server for the first time but it is not configured with the host
public key of the SFTP server, it can access the server and locally save the server's host public key for
future use. In a secure network, the first authentication can simplify the configuration on the SFTP client,
but it is not reliable.
To establish a connection to an SFTP server:
Task
Command
•
Establish a
•
connection to an
SFTP server.
Establish a connection to an IPv4 SFTP server:
In non-FIPS mode:
sftp server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key { dsa | rsa } |
prefer- compress zlib | prefer-ctos-cipher { 3des |
aes128 | aes256 | des } | prefer-ctos-hmac { md5 |
md5-96 | sha1 | sha1-96 } | prefer-kex
{ dh-group-exchange | dh-group1 | dh-group14 } |
prefer-stoc-cipher { 3des | aes128 | aes256 | des } |
prefer-stoc-hmac { md5 | md5-96 | sha1 |
sha1-96 } ] * [ publickey keyname | source { interface
interface-type interface-number | ip ip-addres} ] *
In FIPS mode:
sftp server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key rsa |
prefer-compress zlib | prefer-ctos-cipher { aes128 |
aes256 } | prefer-ctos-hmac { sha1 | sha1-96 } |
prefer-kex dh-group14 | prefer-stoc-cipher { aes128
| aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] *
[ publickey keyname | source { interface
interface-type interface-number | ip ip-address } ] *
Establish a connection to an IPv6 SFTP server:
In non-FIPS mode:
sftp ipv6 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ -i interface-type
interface-number ] [ identity-key { dsa | rsa } | prefer-
compress zlib | prefer-ctos-cipher { 3des | aes128 |
aes256 | des } | prefer-ctos-hmac { md5 | md5-96 |
sha1 | sha1-96 } | prefer-kex { dh-group-exchange |
dh-group1 | dh-group14 } | prefer-stoc-cipher { 3des
| aes128 | aes256 | des } | prefer-stoc-hmac { md5
| md5-96 | sha1 | sha1-96 } ] * [ publickey keyname
| source { interface interface-type interface-number |
ipv6 ipv6-addres} ] *
In FIPS mode:
sftp ipv6 server [ port-number ] [ vpn-instance
vpn-instance-name ] [ -i interface-type
interface-number ] [ identity-key rsa |
prefer-compress zlib | prefer-ctos-cipher { aes128 |
aes256 } | prefer-ctos-hmac { sha1 | sha1-96 } |
prefer-kex dh-group14 | prefer-stoc-cipher { aes128
| aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] *
[ publickey keyname | source { interface
interface-type interface-number | ipv6 ipv6-addres} ]
*
136
Remarks
Use one of the commands.
Available in user view.
Advertisement
Table of Contents
Troubleshooting
