Password authentication enabled SFTP server configuration example

As shown in Figure 127, you can log in to the router through the SFTP client that runs on the host. The router acts as the SFTP server and uses password authentication. The username and password of the client are saved on the router.

1. Configure the SFTP server:

   # Generate the RSA key pairs.

   <Router> system-view
   [Router] public-key local create rsa
   The range of public key size is (512 ~ 2048).
   NOTES: If the key modulus is greater than 512,
   It will take a few minutes.
   Press CTRL+C to abort.
   Input the bits of the modulus[default = 1024]:
   Generating Keys...
   ++++++++
   ++++++++++++++
   +++++
   ++++++++
   

   # Generate a DSA key pair.

   [Router] public-key local create dsa
   The range of public key size is (512 ~ 2048).
   NOTES: If the key modulus is greater than 512,
   It will take a few minutes.
   Press CTRL+C to abort.
   Input the bits of the modulus[default = 1024]:
   Generating Keys...
   ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
   +++++++++++++++++++++++++++++++++++
   

   # Enable the SSH server function.

   [Router] ssh server enable
   

   # Enable the SFTP server.

   [Router] sftp server enable
   

   # Configure an IP address for interface Ethernet 1/1. The client uses this address as the destination for SSH connection.

   [Router] interface ethernet 1/1
   [Router-Ethernet1/1] ip address 192.168.1.45 255.255.255.0
   [Router-Ethernet1/1] quit
   

   # Set the authentication mode of the user interfaces to AAA.

   [Router] user-interface vty 0 4
   [Router-ui-vty0-4] authentication-mode scheme
   

   # Enable the user interfaces to support SSH.

   [Router-ui-vty0-4] protocol inbound ssh
   [Router-ui-vty0-4] quit
   

   # Configure a local user named client002 with the password aabbcc and the service type ssh.

   [Router] local-user client002
   [Router-luser-client002] password simple aabbcc
   [Router-luser-client002] service-type ssh
   [Router-luser-client002] quit
   

   # Configure an SSH user client002 with authentication method password and service type SFTP.

   [Router] ssh user client002 service-type sftp authentication-type password
   

2. Establish a connection to the SFTP server:

   The device supports different types of SFTP client software. The following uses PSFTP of PuTTY version 0.58 as an example.

   PSFTP supports only password authentication.

   To establish a connection to the SFTP server:

   1. Run the psftp.exe to launch the client interface as shown in Figure 128, and enter the following command:

      open 192.168.1.45
      

   2. Enter username client002 and password aabbcc as prompted to log in to the SFTP server.

   Figure 128: SFTP client interface