Copying client key files
Only one ssh client key for authenticating the
manager is allowed on a switch. The copy
command
allows you to copy the client key files using sftp
, tftp
,
and usb
or xmodem
, allowing
encryption and authentication through SSH. There is no way to generate
the private key on the switch; it must be copied onto the switch.
To load the client's private key onto the switch, use one of the following commands:
Syntax:
copy sftp ssh-client-key [user <username>|<username@>] <hostname|IPv4|IPv6> <private-key-filename> [port|<tcp-port-num>]
copy tftp ssh-client-key <hostname|IPv4|IPv6> <private-key-filename>
copy usb ssh-client-key <private-key-filename>
copy xmodem ssh-client-key
Copies the client key file <private-key-filename>onto the switch.
ssh-client-key
: The client
key file being copied to the switch. The file must contain an RSA
or DSA key.
[user <username|username@>]
:
Optional, there must be configured usernames for operator and manager.
If no username
is specified,
the client's current username
is used. There
will be a prompt for a password if needed.
hostname
: Specifies the hostname
of the SFTP or TFTP server.
IPv4
: Specifies the SFTP or
TFTP server's IPv4 address.
IPv6
: Specifies the SFTP or
TFTP server's IPv6 address.
<private-key-filename>
:
The remote filename containing the key.
[port <tcp-port-num>]
:
TCP port of the SSH server on the remote system.
The copied private key is stored in the ssh directory
of the switch file system and is persistent across switch reboots.
After the initial copying is complete, the client key can be overwritten
by repeating the copy
command. No verification
of the validity of the key is done when executing the copy
command.