R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

381

382

383

384

385

386

387

388

389

390

371

Usage guidelines

To make sure the SFTP client and the SFTP server can communicate with each other, and to improve the

manageability of SFTP clients in the authentication service, HP recommends that you specify a loopback

interface as the source interface.

Examples

# Specify the source IP address of the SFTP client as 192.168.0.1.

<Sysname> system-view

[Sysname] sftp client source ip 192.168.0.1

Related commands

display sftp client source

sftp ipv6

Use sftp ipv6 to establish a connection to an IPv6 SFTP server and enter SFTP client view.

Syntax

In non-FIPS mode:

sftp ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ identity-key { dsa | rsa } |

prefer-compress { zlib | zlib-openssh } | prefer-ctos-cipher { 3des | aes128 | des } | prefer-ctos-hmac

{ md5 | md5-96 | sha1 | sha1-96 } | prefer-kex { dh-group-exchange | dh-group1 | dh-group14 } |

prefer-stoc-cipher { 3des | aes128 | des } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 } ] *

In FIPS mode:

sftp ipv6 server [ port-number ] [ identity-key rsa | prefer-ctos-cipher { aes128 | aes256 } |

prefer-ctos-hmac { sha1 | sha1-96 } | prefer-kex dh-group14 | prefer-stoc-cipher { aes128 | aes256 }

| pr

efer-stoc-hmac { sha1 | sha1-96 } ] *

Views

User view

Default command level

3: Manage level

Parameters

server: Specifies an IPv6 server by its address or host name, a case-insensitive string of 1 to 46

characters.

port-number: Specifies the port number of the server, in the range of 0 to 65535. The default is 22.

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the server belongs, where the

vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the server is on the public

network, do not specify this option.

identity-key: Specifies the algorithm for publickey authentication, either dsa or rsa. In non-FIPS mode, the

algorithm is either dsa or rsa. In FIPS mode, the algorithm is rsa.

• dsa: Specifies the public key algorithm dsa.

• rsa: Specifies the public key algorithm rsa.

prefer-compress: Specifies the preferred compression algorithm. By default, the compression algorithm is

not used.