SCP/SFTP operating notes

  • Any attempt to use SCP or SFTP without first enabling ip ssh filetransfer causes the SCP or SFTP session to fail. Depending on the client software in use, you will receive an error message on the originating console, for example:
    IP file transfer not enabled on the switch
  • There is a delay when SFTP is copying an image onto the switch. Although the command prompt returns in a couple of seconds, the switch may take approximately a minute and a half to write the image to flash. You can keep entering the show flash command to see when the copy is complete and the flash is updated. You can also check the log for an entry similar to the following:
    I 01/09/13 16:17:07 00150 update: Primary Image updated.
    
    I 01/09/13 16:13:22 00636 ssh: sftp session from 15.22.22.03
  • When an SFTP client connects, the switch provides a file system displaying all of its available files and folders. No file or directory creation is permitted by the user. Files may only be uploaded or downloaded, according to the permissions mask. All of the necessary files the switch needs are already in place on the switch. You do not need to (nor can you) create new files.

  • The switch supports one SFTP session or one SCP session at a time.

  • All files have read-write permission. Several SFTP commands, such as create or remove, are not allowed and return an error message. The switch displays the following files:
    /
    +---cfg
    |   running-config
    |   startup-config
    +---log
    |   crash-data
    |   crash-data-a
    |   crash-data-b
    |   crash-data-c
    |   crash-data-d
    |   crash-data-e
    |   crash-data-f
    |   crash-data-g
    |   crash-data-h
    |   crash-data-I
    |   crash-data-J
    |   crash-data-K
    |   crash-data-L
    |   crash-log
    |   crash-log-a
    |   crash-log-b
    |   crash-log-c
    |   crash-log-d
    |   crash-log-e
    |   crash-log-f
    |   crash-log-g
    |   crash-log-h
    |   crash-log-I
    |   crash-log-J
    |   crash-log-K
    |   crash-log-L
    |   event log
    +---os
    |   primary
    |   secondary
    +---ssh
    |   +---mgr_keys
    |   |   authorized_keys
    |   \---oper_keys
    |       authorized_keys
    \---core
        port_1-24.cor    core-dump for ports 1-24 (stackable switches only)
        port_25-48.cor   core-dump for ports 25-48 (stackable switches only)
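
The two log entries quoted above (the SFTP session and the image update) can also be used to audit who changed the switch software. The following is an added example, not code from the original page or from the switch vendor: it pairs each image update with the SFTP session that preceded it and flags updates from sources outside an approved list. The MM/DD/YY date order, the 10-minute pairing window, the "Secondary Image updated" wording, the allowlist and the last three sample log lines are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: the first two lines reuse the entries quoted on this page,
# the remaining three are invented for the example.
SAMPLE_LOG = """\
I 01/09/13 16:13:22 00636 ssh: sftp session from 15.22.22.03
I 01/09/13 16:17:07 00150 update: Primary Image updated.
I 01/10/13 02:41:10 00636 ssh: sftp session from 10.9.8.7
I 01/10/13 02:42:31 00150 update: Secondary Image updated.
I 01/11/13 09:00:00 00150 update: Primary Image updated.
"""

LINE = re.compile(r"^(\w) (\d\d/\d\d/\d\d \d\d:\d\d:\d\d) (\d{5}) (\w+): (.*)$")
SFTP = re.compile(r"sftp session from (\S+)")
IMAGE = re.compile(r"(\w+) Image updated")

def norm_ip(text):
    """Drop leading zeros ('15.22.22.03' -> '15.22.22.3') so allowlist matches are exact."""
    try:
        return ".".join(str(int(octet)) for octet in text.split("."))
    except ValueError:
        return text  # not dotted-decimal IPv4; compare as logged

def audit_image_updates(log_text, allowed_sources, window=timedelta(minutes=10)):
    """Pair each image update with the latest SFTP session inside `window`.
    Returns a list of (timestamp, image, source, verdict) tuples."""
    last_sftp = None  # (time, source) of the most recent SFTP session seen
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip lines that are not in the event-log format
        _severity, stamp, _event_id, module, msg = m.groups()
        when = datetime.strptime(stamp, "%m/%d/%y %H:%M:%S")  # date order is assumed
        if module == "ssh" and (s := SFTP.search(msg)):
            last_sftp = (when, norm_ip(s.group(1)))
        elif module == "update" and (i := IMAGE.search(msg)):
            if last_sftp and timedelta(0) <= when - last_sftp[0] <= window:
                source = last_sftp[1]
                verdict = "ok" if source in allowed_sources else "unapproved-source"
            else:  # image changed with no recent SFTP session in the log
                source, verdict = None, "no-sftp-session"
            findings.append((when.isoformat(), i.group(1).lower(), source, verdict))
    return findings

if __name__ == "__main__":
    for finding in audit_image_updates(SAMPLE_LOG, {"15.22.22.3"}):
        print(finding)
```

Because the switch supports only one SFTP or SCP session at a time, the most recent session before an update is a reasonable attribution; an update with no session nearby was made some other way and is worth a separate look.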
    

Once you have configured your switch for secure file transfers with SCP and SFTP, files can be copied to or from the switch in a secure (encrypted) environment and TFTP is no longer necessary.