Filter
Top Products
6-18
IPv6 Management Security Features
Secure Copy and Secure FTP for IPv6
Secure Copy and Secure FTP for IPv6
You can take advantage of the Secure Copy (SCP) and Secure FTP (SFTP)
client applications to provide a secure alternative to TFTP for transferring
sensitive switch information, such as configuration files and login informa-
tion, between the switch and an administrator workstation.
SCP and SFTP run over an encrypted SSH session allowing you to use a secure
SSH tunnel to:
■ Transfer files and update ProCurve software images.
■ Distribute new software images with automated scripts that make it easier
to upgrade multiple switches simultaneously and securely.
By default, SSH is enabled for IPv4 and IPv6 connections on a switch. If you
have not disabled SSH connections from IPv6 clients (by entering the ip ssh
ip-version 4 command), you can perform secure file transfers to and from IPv6
client devices by entering the ip ssh filetransfer command.
After an IPv6 client running SCP/SFTP successfully authenticates and opens
an SSH session on the switch, you can copy files to and from the switch using
secure, encrypted file transfers. Refer to the documentation that comes with
an SCP or SFTP client application for information on the file transfer com-
mands and software utilities to use.
Notes The switch supports one SFTP session or one SCP session at a time.
All files on the switch have read-write permission. However, several SFTP
commands, such as create or remove, are not supported and return an error
message.
For complete information on how to configure SCP or SFTP in an SSH session
to copy files to and from the switch, refer to the “File Transfers” appendix in
the Management and Configuration Guide for your switch.
Syntax:. [no] ip ssh filetransfer
Enables SSH on the switch to connect to an SCP or SFTP client
application to transfer files to and from the switch.
Use the no ip ssh filetransfer command to disable the switch’s
ability to perform secure file transfers with an SCP or SFTP
client, without disabling SSH on the switch.