通过SCP访问其他设备文件示例

操作步骤

1. 在服务器端生成本地密钥对及指定服务器源接口。

   <HUAWEI> system-view
   [~HUAWEI] sysname SSH Server
   [*HUAWEI] commit
   [*SSH Server] ssh server-source all-interface
   [~SSH Server] rsa local-key-pair create

   The range of public key size is (2048, 3072).
   NOTE: Key pair generation will take a short while.
   Please input the modulus [default = 3072]:3072

2. 在服务器端创建SSH用户。

   # 配置VTY用户界面。

   [*SSH Server] user-interface vty 0 4
   [*SSH Server-ui-vty0-4] authentication-mode aaa
   [*SSH Server-ui-vty0-4] protocol inbound ssh
   [*SSH Server-ui-vty0-4] quit

   # 新建用户名为client001的SSH用户，且认证方式为password，服务方式为all。

   [*SSH Server] ssh user client001
   [*SSH Server] ssh user client001 authentication-type password
   [*SSH Server] ssh user client001 service-type all

   # 为SSH用户client001配置密码为HuaWei@123。

   [*SSH Server] aaa
   [*SSH Server-aaa] local-user client001 password irreversible-cipher HuaWei@123
   [*SSH Server-aaa] local-user client001 service-type ssh
   [*SSH Server-aaa] local-user client001 level 3 
   [*SSH Server-aaa] quit

3. 在服务器端使能SCP服务。

   [*SSH Server] scp server enable
   Info: Succeeded in starting the SCP server.   
   [*SSH Server] commit

4. 从SCP客户端下载服务器上的文件。

   # 第一次登录，使能SSH客户端首次登录功能。

   <HUAWEI> system-view
   [~HUAWEI] sysname SCP Client
   [*HUAWEI] commit
   [~SCP Client] ssh client first-time enable
   [*SCP Client] commit

   # 使用aes256_ctr加密算法将文件backup.cfg从IP地址为10.1.1.1的远端SSH服务器下载至本地用户目录下。

   [~SCP Client] scp -cipher aes256_ctr client001@10.1.1.1:backup.cfg backup.cfg
   Trying 10.1.1.1 ...
   Press CTRL+K to abort
   Connected to 10.1.1.1 ...
    Continue to access it? [Y/N]:y
    [Y/N]:y
   The server's public key will be saved with the name 10.1.1.1. Please wait...
   
   Enter password:
   backup.cfg                     100%        19174Bytes            7Kb/s