Associating An Ssl Server Policy With The Ftp Service - H3C S5500-HI Series Fundamentals Configuration Manual
Hide thumbs
Also See for S5500-HI Series:
- Mpls configuration manual (400 pages) ,
- Command reference manual (311 pages) ,
- Fundamentals configuration manual (180 pages)
Table of Contents
Advertisement
To assign an FTP user write access (including upload, delete, and create) to the device, assign level-3
(Manage) user privileges to the user. For read-only access to the file system, any user privilege level is
OK.
For more information, see Security Configuration Guide.
To configure authentication and authorization for the FTP server:
Step
1.
Enter system view.
2.
Create a local user
account and enter
its view.
3.
Set a password for
the user account.
Assign FTP service
4.
to the user account
5.
Configure
authorization
attributes.
For more information about the local-user, password, service-type ftp, and authorization-attribute
commands, see Security Command Reference.
Associating an SSL server policy with the FTP service
For two devices that support secure FTP, you can associate an SSL server policy with the FTP service on
the FTP server. Then, the FTP connection will be established over an SSL connection.
Before associating an SSL server policy with the FTP service, you must create the policy and disable FTP
server.
To associate an SSL server policy with the FTP service:
Step
1.
Enter system view.
2.
Associate an SSL server policy
with the FTP service.
Command
system-view
local-user user-name
password [ [ hash ] { cipher |
simple } password ]
service-type ftp
authorization-attribute { acl
acl-number | callback-number
callback-number | idle-cut minute
| level level | user-profile
profile-name | user-role { guest |
guest-manager | security-audit } |
vlan vlan-id | work-directory
directory-name } *
Command
system-view
ftp server ssl-server-policy
policy-name
76
Remarks
N/A
By default, no local user account authorized
with the FTP service exists, and the system
does not support FTP anonymous user access.
N/A
By default, no service type is specified. If the
FTP service is specified, the root directory of
the device is by default used.
Optional.
By default, the FTP users can access the root
directory of the device, and the user level is 0.
You can change the default configuration by
using this command.
Remarks
N/A
Optional.
By default, no SSL server policy is
associated with the FTP service.
This command is available only in
Release 5206 and later.
Advertisement
Table of Contents
