beautypg.com

H3C Technologies H3C SecPath F1000-E User Manual

Page 85

background image

6

NOTE:

During SFTP server configuration, the client public key is required. Therefore, you are recommended to
use the client software to generate an RSA key pair on the client before configuring the SFTP server.

Step1

Configure the SFTP client

# Configure an IP address for interface GigabitEthernet 0/1.

system-view

[DeviceA] interface gigabitethernet 0/1

[DeviceA-GigabitEthernet0/1] ip address 192.168.0.2 255.255.255.0

[DeviceA-GigabitEthernet0/1] quit

# Generate an RSA key pair.

[DeviceA] public-key local create rsa

# Export the host public key to file pubkey.

[DeviceA] public-key local export rsa ssh2 pubkey

[DeviceA] quit

Then, you need to transmit the public key file to the server through FTP or TFTP.

Step2

Configure the SFTP server

# Generate RSA and DSA key pairs and enable the SSH server.

system-view

[DeviceB] public-key local create rsa

[DeviceB] public-key local create dsa

[DeviceB] ssh server enable

# Enable the SFTP server.

[DeviceB] sftp server enable

# Configure an IP address for interface GigabitEthernet 0/1, which the client will use as the destination
for SSH connection.

[DeviceB] interface gigabitethernet 0/1

[DeviceB-GigabitEthernet0/1] ip address 192.168.0.1 255.255.255.0

[DeviceB-GigabitEthernet0/1] quit

# Set the authentication mode of the user interfaces to AAA.

[DeviceB] user-interface vty 0 4

[DeviceB-ui-vty0-4] authentication-mode scheme

# Enable the user interfaces to support SSH.

[DeviceB-ui-vty0-4] protocol inbound ssh

[DeviceB-ui-vty0-4] quit

# Import the peer public key from the file pubkey.

[DeviceB] public-key peer Device001 import sshkey pubkey

# For user client001, set the service type as SFTP, authentication method as publickey, public key as
Device001, and working folder as cfa0:/.

[DeviceB] ssh user client001 service-type sftp authentication-type publickey assign

publickey Device001 work-directory cfa0:/

Step3

Establish a connection between the SFTP client and the SFTP server

# Establish a connection to the remote SFTP server and enter SFTP client view.

This manual is related to the following products:
See also other documents in the category H3C Technologies Safety: