4000 Router Series Security Configuration Guide

240

Figure 66 SFTP client interface

Publickey authentication enabled SFTP client configuration

example

Network requirements

As shown in Figure 67, you can log in to Router B through the SFTP client that runs on Router A and are

assigned the user role network-admin to execute file management and transfer operations. Router B acts

as the SFTP server and uses publickey authentication and the RSA public key algorithm.

Figure 67 Network diagram

Configuration procedure

In the server configuration, the client's host public key is required. Use the client software to generate the

RSA key pairs on the client before configuring the SFTP server.

1. Configure the SFTP client:

# Assign an IP address to interface Ethernet 1/1.

<RouterA> system-view

[RouterA] interface ethernet 1/1

[RouterA-Ethernet1/1] ip address 192.168.0.2 255.255.255.0

[RouterA-Ethernet1/1] quit

# Generate the RSA key pairs.

[RouterA] public-key local create rsa