H3C S9500E Series Security Configuration Manual page 149

For user client001, set the service type as SFTP, authentication type as publickey, public key as
Switch001, and working folder as cfa0:/
[SwitchB] ssh user client001 service-type sftp authentication-type publickey assign
publickey Switch001 work-directory cfa0:/
Configure the SFTP client (Switch A)
2.
Configure an IP address for VLAN interface 1.
<SwitchA> system-view
[SwitchA] interface vlan-interface 1
[SwitchA-Vlan-interface1] ip address 192.168.0.2 255.255.255.0
[SwitchA-Vlan-interface1] quit
Generate RSA key pairs.
[SwitchA] public-key local create rsa
Export the host public key to file pubkey.
[SwitchA] public-key local export rsa ssh2 pubkey
[SwitchA] quit
After generating key pairs on a client, you need to transmit the saved public key file to the server through
FTP or TFTP and have the configuration on the server done before continuing configuration of the client.
Establish a connection to the remote SFTP server and enter SFTP client view.
<SwitchA> sftp 192.168.0.1 identity-key rsa
Input Username: client001
Trying 192.168.0.1 ...
Press CTRL+K to abort
Connected to 192.168.0.1 ...
The Server is not authenticated. Continue? [Y/N]:y
Do you want to save the server public key? [Y/N]:n
sftp-client>
Display files under the current directory of the server, delete the file named z, and check if the file
has been deleted successfully.
sftp-client> dir
-rwxrwxrwx
-rwxrwxrwx
-rwxrwxrwx
drwxrwxrwx
-rwxrwxrwx
-rwxrwxrwx
sftp-client> delete z
The following File will be deleted:
/z
Are you sure to delete it? [Y/N]:y
This operation may take a long time.Please wait...
1 noone nogroup
1 noone nogroup
1 noone nogroup
1 noone nogroup
1 noone nogroup
1 noone nogroup
1759 Aug 23 06:52 config.cfg
225 Aug 24 08:01 pubkey2
283 Aug 24 07:39 pubkey
0 Sep 01 06:22 new
225 Sep 01 06:55 pub
0 Sep 01 08:00 z
149