/pubkey2
# Upload the local file pu to the server, save it as puk, and verify the result.
sftp> put pu puk
Uploading pu to / puk
sftp> dir -l
-rwxrwxrwx
-rwxrwxrwx
-rwxrwxrwx
drwxrwxrwx
drwxrwxrwx
-rwxrwxrwx
-rwxrwxrwx
sftp>
# Exit SFTP client view.
sftp> quit
<SwitchA>
SCP file transfer with password authentication
Unless otherwise noted, devices in the configuration example are in non-FIPS mode.
When you configure SCP on a device that operates in FIPS mode, follow these restrictions and
guidelines:
•
The modulus length of the key pair must be 2048 bits.
When the device acts as an SCP server, only RSA and ECDSA key pairs are supported.
•
Network requirements
As shown in
•
You can log in to Switch B through the SCP client that runs on Switch A.
After login, you are assigned the user role network-admin and can securely transfer files with
•
Switch B.
Switch B uses the password authentication method.
•
The client's username and password are saved on Switch B.
•
Figure 101 Network diagram
Configuration procedure
1.
Configure the SCP server:
# Generate RSA key pairs.
<SwitchB> system-view
1 noone
nogroup
1 noone
nogroup
1 noone
nogroup
1 noone
nogroup
1 noone
nogroup
1 noone
nogroup
1 noone
nogroup
Figure
101:
100% 225
1759 Aug 23 06:52 config.cfg
225 Aug 24 08:01 pubkey2
283 Aug 24 07:39 pubkey
0 Sep 01 06:22 new
0 Sep 02 06:33 new2
283 Sep 02 06:35 pub
283 Sep 02 06:36 puk
337
1.4KB/s
00:00