R0106-HP MSR Router Series Security Configuration Guide(V7)
331
Tasks at a
g
lance
(Optional.) Displaying help information
(Optional.) Terminating the connection with the SFTP server
Specifying the source IP address for SFTP packets
HP recommends that you specify the IP address of the loopback or dialer interface as the source address
for SFTP packets for the following purposes:
• Ensuring the communication between the SFTP client and the Stelnet server.
• Improving the manageability of SFTP clients in authentication service.
To specify the source IP address for the SFTP packets:
Ste
p
Command
Remarks
1. Enter system view.
system-view
N/A
2. Specify the source
address for SFTP packets.
• Specify the source IPv4 address for
SFTP packets:
sftp client source { ip ip-address |
interface interface-type
interface-number }
• Specify the source IPv6 address for
SFTP packets:
sftp client ipv6 source { ipv6
ipv6-address | interface
interface-type interface-number }
By default, the source IP address
for SFTP packets is not configured.
The SFTP packets use the primary IP
address of the output interface
specified in the routing entry as
their source IP address. The IPv6
SFTP packets automatically select
an IPv6 address as their source
address in compliance with RFC
3484.
Establishing a connection to an SFTP server
When you try to access an SFTP server, the device must use the server's host public key to authenticate
the server. If the server's host public key is not configured on the device, the device will prompt you to
confirm whether you want to continue with the access.
• If you choose to continue, the device accesses the server and downloads the server's host public
key.
• If you choose to not continue, the connection cannot be established.
In an insecure network, HP recommends that you configure the server's host public key on the device.
After the connection is established, you can directly enter SFTP client view on the server to perform
operations, such as working with directories or files.
To establish a connection to an IPv4 SFTP server: