R3166-R3206-HP High-End Firewalls System Management and Maintenance Configuration Guide-6PW101
153
SFTP service
NOTE:
The firewall supports SFTP service configuration only in the CLI.
SFTP overview
The secure file transfer protocol (SFTP) is a new feature in SSH2.0.
SFTP uses the SSH connection to provide secure data transfer. The device can serve as the SFTP server,
allowing a remote user to log into the SFTP server for secure file management and transfer. The device
can also server as an SFTP client, enabling a user to login from the device to a remote device for secure
file transfer.
Configuring an SFTP server
Configuration prerequisites
• You have configured the SSH server. For more information about the configuration procedure, see
“Configuring the firewall as an SSH client.”
• You have used the ssh user service-type command to set the service type of SSH users to sftp or all.
For more information abou the configuration procedure, see “Configuring an SSH user.”
Enabling the SFTP server
This configuration task is to enable the SFTP service so that a client can log into the SFTP server through
SFTP.
Follow these steps to enable the SFTP server:
To do… Use the command…
Remarks
Enter system view system-view —
Enable the SFTP server sftp server enable
Required
Disabled by default
NOTE:
W
hen the device functions as the SFTP server, only one client can access the SFTP server at a time. If the
SFTP client uses WinSCP, a file on the server cannot be modified directly; it can only be downloaded to a
local place, modified, and then uploaded to the server.