Configuration procedure
Configure the SCP server:
<RouterB> system-view [RouterB] public-key local create rsa The range of public key size is (512 ~ 2048). NOTES: If the key modulus is greater than 512, It will take a few minutes. Press CTRL+C to abort. Input the bits of the modulus[default = 1024]: Generating Keys... ++++++++ ++++++++++++++ +++++ ++++++++
# Generate a DSA key pair.
[RouterB] public-key local create dsa The range of public key size is (512 ~ 2048). NOTES: If the key modulus is greater than 512, It will take a few minutes. Press CTRL+C to abort. Input the bits of the modulus[default = 1024]: Generating Keys... ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++++++++++++++++++++++++++++++
# Enable the SSH server function.
[RouterB] ssh server enable
# Configure an IP address for Ethernet 1/1. The client uses this address as the destination for SCP connection.
[RouterB] interface ethernet 1/1 [RouterB-Ethernet1/1] ip address 192.168.0.1 255.255.255.0 [RouterB-Ethernet1/1] quit
# Set the authentication mode of the user interfaces to AAA.
[RouterB] user-interface vty 0 4 [RouterB-ui-vty0-4] authentication-mode scheme
# Enable the user interfaces to support SSH.
[RouterB-ui-vty0-4] protocol inbound ssh [RouterB-ui-vty0-4] quit
# Create a local user named client001 with the password aabbcc and the service type ssh.
[RouterB] local-user client001 [RouterB-luser-client001] password simple aabbcc [RouterB-luser-client001] service-type ssh [RouterB-luser-client001] quit
# Create an SSH user client001 with the service type scp and the authentication method password. (Optional. If an SSH user is not created, password authentication is used by default.)
[RouterB] ssh user client001 service-type scp authentication-type password
Configure an IP address for Ethernet 1/1.
<RouterA> system-view [RouterA] interface ethernet 1/1 [RouterA-Ethernet1/1] ip address 192.168.0.2 255.255.255.0 [RouterA-Ethernet1/1] quit [RouterA] quit
Connect to the SCP server, download the file remote.bin from the server, and save it locally to the file local.bin.
<RouterA> scp 192.168.0.1 get remote.bin local.bin Username: client001 Trying 192.168.0.1 ... Press CTRL+K to abort Connected to 192.168.0.1 ... The Server is not authenticated. Continue? [Y/N]:y Do you want to save the server public key? [Y/N]:n Enter password: 18471 bytes transfered in 0.001 seconds.