SCP server configuration example

Unless otherwise noted, devices in the configuration example are operating in non-FIPS mode.

As shown in Figure 93, the switch acts as the SCP server, and the host acts as the SCP client. The host establishes an SSH connection to the switch. The user uses the username test and the password aabbcc. The username and password are saved on the switch for local authentication.

# Generate RSA key pairs.

<Switch> system-view
[Switch] public-key local create rsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++
++++++++++++++
+++++
++++++++

# Generate a DSA key pair.

[Switch] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++

# Enable the SSH server function.

[Switch] ssh server enable

# Configure an IP address for VLAN-interface 1, which the client will use as the destination for SSH connection.

[Switch] interface vlan-interface 1
[Switch-Vlan-interface1] ip address 192.168.1.45 255.255.255.0
[Switch-Vlan-interface1] quit

# Set the authentication mode of the user interfaces to AAA.

[Switch] user-interface vty 0 15
[Switch-ui-vty0-15] authentication-mode scheme

# Enable the user interfaces to support all protocols including SSH.

[Switch-ui-vty0-15] protocol inbound all
[Switch-ui-vty0-15] quit

# Create a local user named test.

[Switch] local-user test
[Switch-luser-test] password simple aabbcc
[Switch-luser-test] service-type ssh
[Switch-luser-test] quit

# Configure the SSH user authentication method as password and service type as scp.

[Switch] ssh user test service-type scp authentication-type password