R2511-HP MSR Router Series Security Configuration Guide(V5)
390
Network requirements
As shown in Figure 128, Router A acts as an SCP client and Router B acts as an SCP server. A user can
securely transfer files with Router B through Router A. Router B uses the password authentication method
and the client's username and password are saved on Router B.
Figure 128 Network diagram
Configuration procedure
1. Configure the SCP server:
<RouterB> system-view
[RouterB] public-key local create rsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++
++++++++++++++
+++++
++++++++
# Generate a DSA key pair.
[RouterB] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++
# Enable the SSH server function.
[RouterB] ssh server enable
# Configure an IP address for Ethernet 1/1. The client uses this address as the destination for SCP
connection.
[RouterB] interface ethernet 1/1
[RouterB-Ethernet1/1] ip address 192.168.0.1 255.255.255.0
[RouterB-Ethernet1/1] quit
# Set the authentication mode of the user interfaces to AAA.
[RouterB] user-interface vty 0 4
[RouterB-ui-vty0-4] authentication-mode scheme