No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Basic Configuration

S7700 and S9700 V200R010C00

This document describes methods to use command line interface and to log in to the device, file operations, and system startup configurations.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring an SCP Client

Example for Configuring an SCP Client

Networking Requirements

Compared with the SFTP protocol, the SCP protocol can authenticate user identity while transferring files, improving configuration efficiency.

As shown in Figure 7-10, routes between the device functioning as the SCP client and the SSH server are reachable. The SCP client can download files from the SSH server.

Figure 7-10  Networking diagram for managing files when the device functions as an SCP client

Configuration Roadmap

The configuration roadmap is as follows:

  1. Generate a local key pair on the SSH server.

  2. Create an SSH user on the SSH server.

  3. Enable the SCP function on the SSH server.

  4. Download the backup.cfg file from the SSH server.

Procedure

  1. Generate a local key pair on the SSH server.

    <HUAWEI> system-view
    [HUAWEI] sysname SSH_Server
    [SSH_Server] dsa local-key-pair create
    Info: The key name will be: SSH_Server_Host_DSA.                                                                                   
    Info: The key modulus can be any one of the following : 1024, 2048.                                                            
    Info: If the key modulus is greater than 512, it may take a few minutes.                                                            
    Please input the modulus [default=2048]:                                                                                            
    Info: Generating keys......                                                                                                            
    Info: Succeeded in creating the DSA host keys. 
    

  2. Create an SSH user on the SSH server.

    # Configure the VTY user interface.

    [SSH_Server] user-interface vty 0 14
    [SSH_Server-ui-vty0-14] authentication-mode aaa
    [SSH_Server-ui-vty0-14] protocol inbound ssh
    [SSH_Server-ui-vty0-14] quit

    # Create an SSH user client001 and set the authentication mode to password and service type to all.

    [SSH_Server] ssh user client001
    [SSH_Server] ssh user client001 authentication-type password
    [SSH_Server] ssh user client001 service-type all

    # Set the password of the client001 user to Helloworld@6789.

    [SSH_Server] aaa
    [SSH_Server-aaa] local-user client001 password irreversible-cipher Helloworld@6789
    [SSH_Server-aaa] local-user client001 service-type ssh
    [SSH_Server-aaa] local-user client001 privilege level 3 
    [SSH_Server-aaa] quit

  3. Enable the SCP function on the SSH server.

    [SSH_Server] scp server enable

  4. Download the backup.cfg file from the SSH server.

    # If the client connects to the SSH server for the first time, enable the initial authentication function on the client.

    <HUAWEI> system-view
    [HUAWEI] sysname SCP_Client
    [SCP_Client] ssh client first-time enable

    # Use the aes256 encryption algorithm to download the backup.cfg file from the SSH server to the local user's directory.

    [SCP_Client] scp -cipher aes256 client001@10.1.1.1:backup.cfg backup.cfg
    Trying 10.1.1.1 ...
    Press CTRL+K to abort
    Connected to 10.1.1.1 ...
    The server has not been authenticated. Continue to access it? [Y/N]:y
    Do you want to save the server's public key? [Y/N]:y
    The server's public key will be saved with the name 10.1.1.1. Please wait.
    ..
    Enter password:
    backup.cfg                     100%        19174Bytes            7KByte(s)/sec

Configuration File

  • SSH_Server configuration file

    #
    sysname SSH_Server
    #
    aaa
     local-user client001 password irreversible-cipher $1a$P2m&M5d"'JHR7b~SrcHF\Z\,2R"t&6V|zOLh9y$>M\bjG$D>%@Ug/<3I$+=Y$
     local-user client001 privilege level 3
     local-user client001 service-type ssh
    #
    scp server enable
    ssh user client001
    ssh user client001 authentication-type password
    ssh user client001 service-type all  
    #
    user-interface vty 0 14
     authentication-mode aaa
    #
    return
  • SCP_Client configuration file

    #
    sysname SCP_Client
    #
    ssh client first-time enable
    #
    return
Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000141895

Views: 57681

Downloads: 214

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next