sftp

Syntax

In non-FIPS mode:

sftp server [ port-number ] [ identity-key { dsa | ecdsa | rsa } | prefer-ctos-cipher { 3des | aes128 | des } | prefer-ctos-hmac { md5 | md5-96 | sha1 | sha1-96 } | prefer-kex { dh-group-exchange | dh-group1 | dh-group14 } | prefer-stoc-cipher { 3des | aes128 | des } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *

In FIPS mode:

sftp server [ port-number ] [ identity-key { ecdsa | rsa } | prefer-ctos-cipher { aes128 | aes256 } | prefer-ctos-hmac { sha1 | sha1-96 } | prefer-kex dh-group14 | prefer-stoc-cipher { aes128 | aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] *

View

User view

Default level

3: Manage level

Parameters

server: IPv4 address or host name of the server, a case-insensitive string of 1 to 20 characters.

port-number: Port number of the server, in the range of 0 to 65535. The default is 22.

identity-key: Specifies a public key algorithm. The default is dsa in non-FIPS mode and rsa in FIPS mode. If the server uses publickey authentication, you must specify this keyword. The client generates the digital signature by using the local private key that is associated with the algorithm.

• dsa: Specifies the public key algorithm dsa.

• ecdsa: Specifies the public key algorithm ecdsa.

• rsa: Specifies the public key algorithm rsa.

prefer-ctos-cipher: Specifies the preferred encryption algorithm from client to server. The default is aes128.

• 3des: Specifies the encryption algorithm 3des-cbc.

• aes128: Specifies the encryption algorithm aes128-cbc.

• aes256: Specifies the encryption algorithm aes256-cbc.

• des: Specifies the encryption algorithm des-cbc.

prefer-ctos-hmac: Specifies the preferred HMAC algorithm from client to server. The default is sha1-96.

• md5: Specifies the HMAC algorithm hmac-md5.

• md5-96: Specifies the HMAC algorithm hmac-md5-96.

• sha1: Specifies the HMAC algorithm hmac-sha1.

• sha1-96: Specifies the HMAC algorithm hmac-sha1-96.

prefer-kex: Specifies the preferred key exchange algorithm. The default is dh-group-exchange in non-FIPS mode and is dh-group14 in FIPS mode.

• dh-group-exchange: Specifies the key exchange algorithm diffie-hellman-group-exchange-sha1.

• dh-group1: Specifies the key exchange algorithm diffie-hellman-group1-sha1.

• dh-group14: Specifies the key exchange algorithm diffie-hellman-group14-sha1.

prefer-stoc-cipher: Specifies the preferred encryption algorithm from server to client. The default is aes128.

prefer-stoc-hmac: Specifies the preferred HMAC algorithm from server to client. The default is sha1-96.

Description

Use sftp to establish a connection to a remote IPv4 SFTP server and enter SFTP client view.

Examples

# Connect to SFTP server 10.1.1.2, using the following connection scheme:

• Preferred key exchange algorithm: dh-group1.

• Preferred encryption algorithm from server to client: aes128.

• Preferred HMAC algorithm from client to server: md5.

• Preferred HMAC algorithm from server to client: sha1-96.

<Sysname> sftp 10.1.1.2 prefer-kex dh-group1 prefer-stoc-cipher aes128 prefer-ctos-hmac md5 prefer-stoc-hmac sha1-96
Input Username: