beautypg.com

Displaying additional ssh connection information, Secure copy with ssh2, Enabling and disabling scp – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 93: Secure copy configuration notes

background image

Displaying additional SSH connection information

The show who command also displays information about SSH connections:

device#show who

Console connections:

Established

you are connecting to this session

2 minutes 56 seconds in idle

SSH server status: Enabled

SSH connections (inbound):

1. established, client ip address 10.2.2.1, server hostkey DSA

1 minutes 15 seconds in idle

2. established, client ip address 10.2.2.2, server hostkey RSA

2 minutes 25 seconds in idle

SSH connection (outbound):

3. established, server ip address 10.37.77.15, server hostkey RSA

7 seconds in idle

Syntax: show who { begin expression | exclude expression | include expression }

Secure copy with SSH2

Secure Copy (SCP) uses security built into SSH to transfer image and configuration files to and from
the device. SCP automatically uses the authentication methods, encryption algorithm, and data
compression level configured for SSH. For example, if password authentication is enabled for SSH, the
user is prompted for a user name and password before SCP allows a file to be transferred. No
additional configuration is required for SCP on top of SSH.

You can use SCP to copy files on the Brocade device, including the startup configuration and running
configuration files, to or from an SCP-enabled remote host.

Enabling and disabling SCP

SCP is enabled by default and can be disabled. To disable SCP, enter the following command.

device(config)#ip ssh scp disable

Syntax: ip ssh [ scp ] { disable | enable }

NOTE
If you disable SSH, SCP is also disabled.

Secure copy configuration notes

• When using SCP, enter the scp commands on the SCP-enabled client, rather than the console on

the Brocade device.

• Certain SCP client options, including -p and -r, are ignored by the SCP server on the Brocade device.

If an option is ignored, the client is notified.

• An SCP AES copy of the running or start configuration file from the Brocade device to Linux WS 4 or

5 may fail if the configuration size is less than 700 bytes. To work around this issue, use PuTTY to
copy the file.

• SCP does not support running config overwite except acl configuration.

Displaying additional SSH connection information

FastIron Ethernet Switch Security Configuration Guide

93

53-1003088-03

See also other documents in the category Brocade Computer Accessories: