Configuring the device as an SFTP client
SFTP client configuration task list
Tasks at a glance
(Required.)
(Optional.)
Specifying the source IP address for SFTP packets
(Required.)
(Optional.)
Establishing a connection to an SFTP server based
on Suite B
(Optional.)
Working with SFTP directories
(Optional.)
Working with SFTP files
(Optional.)
Displaying help information
(Optional.)
Terminating the connection with the SFTP server
Generating local key pairs
Generate local key pairs on the SFTP client when the SFTP server uses the authentication method
publickey, password-publickey, or any.
Configuration restrictions and guidelines
When you generate local key pairs on an SFTP client, follow these restrictions and guidelines:
•
Local DSA, ECDSA, and RSA key pairs for SSH use default names. You cannot assign names
to the key pairs.
•
The SFTP client operating in FIPS mode supports only ECDSA and RSA key pairs.
•
The key modulus length must be less than 2048 bits when you generate a DSA key pair.
Configuration procedure
To generate local key pairs on the SFTP client:
Step
1.
Enter system view.
2.
Generate local key pairs.
Specifying the source IP address for SFTP packets
As a best practice, specify the IP address of the loopback interface as the source address of SFTP
packets for the following purposes:
•
Ensuring the communication between the SFTP client and the SFTP server.
•
Improving the manageability of SFTP clients in authentication service.
To specify the source IP address for SFTP packets:
Generating local key pairs
Establishing a connection to an SFTP server
Command
system-view
public-key local create { dsa |
ecdsa { secp256r1 | secp384r1 }
| rsa }
321
Remarks
Only required when the SFTP server uses
the authentication method publickey,
password-publickey, or any.
N/A
N/A
N/A
N/A
N/A
N/A
N/A
Remarks
N/A
By default, no local key pairs exist
on an SFTP client.