407
Usage guidelines
In publickey authentication, the client must get the local private key for digital signature. Because the
publickey authentication uses either RSA or DSA algorithm, you must specify an algorithm by using the
identity-key keyword. In this way, the client can get the correct local private key.
Examples
# Connect an SCP client to the SCP server 200.1.1.1. Specify the public key of the server as svkey, and
download the file abc.txt from the server. The SCP client uses publickey authentication. Use the following
algorithms:
• Preferred key exchange algorithm is dh-group14.
• Preferred server-to-client encryption algorithm is aes128.
• Preferred client-to-server HMAC algorithm is sha1.
• Preferred server-to-client HMAC algorithm is sha1-96.
• Preferred compression algorithm between the server and client is zlib.
<Sysname> scp 200.1.1.1 get abc.txt prefer-kex dh-group14 prefer-stoc-cipher aes128
prefer-ctos-hmac sha1 prefer-stoc-hmac sha1-96 prefer-compress zlib publickey svkey
scp ipv6
Use scp ipv6 to establish a connection to an IPv6 SCP server and transfer files with the server.
Syntax
In non-FIPS mode:
scp ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type interface-number ]
{ put | get } source-file-name [ destination-file-name ] [ identity-key { dsa | rsa } | prefer-compress zlib
| prefer-ctos-cipher { 3des | aes128 | aes256 | des } | prefer-ctos-hmac { md5 | md5-96 | sha1 |
sha1-96 } | prefer-kex { dh-group-exchange | dh-group1 | dh-group14 } | prefer-stoc-cipher { 3des |
aes128 | aes256 | des } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] * [ publickey
keyname | source { interface interface-type interface-number | ipv6 ipv6-address } ] *
In FIPS mode:
scp ipv6 server [ por
t-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type interface-number ]
{ put | get } source-file-name [ destination-file-name ] [ identity-key rsa | prefer-compress zlib |
prefer-ctos-cipher { aes128 | aes256 } | prefer-ctos-hmac { sha1 | sha1-96 } | prefer-kex dh-group14
| prefer-stoc-cipher { aes128 | aes256 } | prefer-stoc-hmac { sha1 | sha1-96 } ] * [ publickey keyname
| source { interface interface-type interface-number | ipv6 ipv6-address } ] *
Views
User view
Predefined user roles
network-admin
Parameters
server: Specifies a server by its IPv6 address or host name, a case-insensitive string of 1 to 253
characters.
port-number: Specifies the port number of the server, in the range of 1 to 65535. The default is 22.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the server belongs, where
the vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.
To Next Page
Loading...
Need help?
General
