SCP and SFTP for IPv6

You can take advantage of the SCP and SFTP client applications to provide a secure alternative to TFTP for transferring sensitive switch information, such as configuration files and login information, between the switch and an administrator workstation.

By default, SSH is enabled for IPv4 and IPv6 connections on a switch, and a single command set is used for both IPv4 and IPv6 file transfers.

SCP and SFTP run over an encrypted SSH session, allowing you to use a secure SSH tunnel to:

  • Transfer files and update Switch software images.

  • Distribute new software images with automated scripts that make it easier to upgrade multiple switches simultaneously and securely.

You can perform secure file transfers to and from IPv4 and IPv6 client devices by entering the ip ssh filetransfer command.

Syntax:

ip ssh filetransfer

no ip ssh filetransfer

Enables SSH on the switch to connect to an SCP or SFTP client application to transfer files to and from the switch.

Use the no ip ssh filetransfer command to disable the switch's ability to perform secure file transfers with an SCP or SFTP client, without disabling SSH on the switch.

After an IPv6 client running SCP/SFTP successfully authenticates and opens an SSH session on the switch, you can copy files to and from the switch using secure, encrypted file transfers. See the documentation that comes with an SCP or SFTP client application for information on the file transfer commands and software utilities to use.

NOTE:

Enabling SSH file transfer disables TFTP and auto-TFTP operation.

The switch supports one SFTP session or one SCP session at a time.

All files on the switch have read-write permission. However, several SFTP commands, such as create or remove, are not supported and return an error.

For complete information on how to configure SCP or SFTP in an SSH session to copy files to and from the switch, see the ArubaOS-Switch Management and Configuration Guide for your switch.