Configuration procedure
Configure the SCP server:
<SwitchB> system-view [SwitchB] public-key local create rsa The range of public key size is (512 ~ 2048). NOTES: If the key modulus is greater than 512, It will take a few minutes. Press CTRL+C to abort. Input the bits of the modulus[default = 1024]: Generating Keys... ++++++++ ++++++++++++++ +++++ ++++++++
# Generate a DSA key pair.
[SwitchB] public-key local create dsa The range of public key size is (512 ~ 2048). NOTES: If the key modulus is greater than 512, It will take a few minutes. Press CTRL+C to abort. Input the bits of the modulus[default = 1024]: Generating Keys... ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++
# Generate an ECDSA key pair.
[SwitchB] public-key local create ecdsa secp256r1 Generating Keys...
# Enable the SSH server function.
[SwitchB] ssh server enable
# Configure an IP address for VLAN-interface 2. The client uses this address as the destination address for SCP connection.
[SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] ip address 192.168.0.1 255.255.255.0 [SwitchB-Vlan-interface2] quit
# Set the authentication mode to AAA for the user interfaces.
[SwitchB] user-interface vty 0 15 [SwitchB-ui-vty0-15] authentication-mode scheme
# Enable the user interface to support SSH.
[SwitchB-ui-vty0-15] protocol inbound ssh [SwitchB-ui-vty0-15] quit
# Create a local user client001. Specify the password as aabbcc and service type as ssh for the user.
[SwitchB] local-user client001 [SwitchB-luser-client001] password simple aabbcc [SwitchB-luser-client001] service-type ssh [SwitchB-luser-client001] quit
# Create an SSH user client001. Specify the service type as scp and authentication method as password for the user.
[SwitchB] ssh user client001 service-type scp authentication-type password
Configure an IP address for VLAN-interface 2 on the SCP client.
<SwitchA> system-view [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] ip address 192.168.0.2 255.255.255.0 [SwitchA-Vlan-interface2] quit [SwitchA] quit
Connect to the SCP server, download the file remote.bin from the server, and save it locally with the name local.bin.
<SwitchA> scp 192.168.0.1 get remote.bin local.bin Username: client001 Trying 192.168.0.1 ... Press CTRL+K to abort Connected to 192.168.0.1 ... The Server is not authenticated. Continue? [Y/N]:y Do you want to save the server public key? [Y/N]:n Enter password: 18471 bytes transfered in 0.001 seconds.