HPE FlexNetwork 10500 Series Security Configuration Manual page 432
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Security command reference (881 pages) ,
- Network management and monitoring command reference (423 pages) ,
- Configuration manual (407 pages)
Table of Contents
Advertisement
•
If you choose to continue, the device accesses the server and downloads the server's host
public key.
•
If you choose to not continue, the connection cannot be established.
As a best practice, configure the server's host public key on the device in an insecure network.
After the connection is established, you are in SFTP client view of the server and can perform file or
directory operations.
The client cannot establish connections to both IPv4 and IPv6 SFTP servers.
To establish a connection to an IPv4 SFTP server:
Task
Command
•
Establish a
connection to an
IPv4 SFTP
server.
•
To establish a connection to an IPv6 SFTP server:
In non-FIPS mode:
sftp server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key { dsa |
ecdsa-sha2-nistp256 | ecdsa-sha2-nistp384 | rsa |
{ x509v3-ecdsa-sha2-nistp384 |
x509v3-ecdsa-sha2-nistp256 } pki-domain
domain-name } } | prefer-compress zlib |
prefer-ctos-cipher { 3des-cbc | aes128-cbc |
aes128-ctr | aes128-gcm | aes192-ctr | aes256-cbc
| aes256-ctr | aes256-gcm | des-cbc } |
prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 |
sha2-256 | sha2-512 } | prefer-kex
{ dh-group-exchange-sha1 | dh-group1-sha1 |
dh-group14-sha1 | ecdh-sha2-nistp256 |
ecdh-sha2-nistp384 } | prefer-stoc-cipher
{ 3des-cbc | aes128-cbc | aes128-ctr | aes128-gcm
| aes192-ctr | aes256-cbc | aes256-ctr |
aes256-gcm | des-cbc } | prefer-stoc-hmac { md5 |
md5-96 | sha1 | sha1-96 | sha2-256 | sha2-512 } ] *
[ dscp dscp-value | { public-key keyname |
server-pki-domain domain-name } | source
{ interface interface-type interface-number | ip
ip-address } ] *
In FIPS mode:
sftp server [ port-number ] [ vpn-instance
vpn-instance-name ] [ identity-key
{ ecdsa-sha2-nistp256 | ecdsa-sha2-nistp384 | rsa
| { x509v3-ecdsa-sha2-nistp384 |
x509v3-ecdsa-sha2-nistp256 } pki-domain
domain-name } | prefer-compress zlib |
prefer-ctos-cipher { aes128-cbc | aes128-ctr |
aes128-gcm | aes192-ctr | aes256-cbc | aes256-ctr
| aes256-gcm } | prefer-ctos-hmac { sha1 | sha1-96
| sha2-256 | sha2-512 } | prefer-kex
{ dh-group14-sha1 | ecdh-sha2-nistp256 |
ecdh-sha2-nistp384 } | prefer-stoc-cipher
{ aes128-cbc | aes128-ctr | aes128-gcm |
aes192-ctr | aes256-cbc | aes256-ctr |
aes256-gcm } | prefer-stoc-hmac { sha1 | sha1-96 |
sha2-256 | sha2-512 } ] * [ { public-key keyname |
server-pki-domain domain-name } | source
{ interface interface-type interface-number | ip
ip-address } ] *
415
Remarks
Available in user view.
Advertisement
Table of Contents
Troubleshooting
