HP VPN Firewall Appliances System Management and Maintenance Configuration Guide
196
+++++
++++++++
# Generate a DSA key pair.
[Firewall] public-key local create dsa
The range of public key size is (512 ~ 2048).
NOTES: If the key modulus is greater than 512,
It will take a few minutes.
Press CTRL+C to abort.
Input the bits of the modulus[default = 1024]:
Generating Keys...
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++
# Enable the SSH server function.
[Firewall] ssh server enable
# Enable the SFTP server.
[Firewall] sftp server enable
# Configure an IP address for interface GigabitEthernet 0/1. The SFTP client uses this address as
the destination for SSH connection.
[Firewall] interface gigabitethernet 0/1
[Firewall-GigabitEthernet0/1] ip address 192.168.1.45 255.255.255.0
[Firewall-GigabitEthernet0/1] quit
# Set the authentication mode of the user interfaces to AAA.
[Firewall] user-interface vty 0 4
[Firewall-ui-vty0-4] authentication-mode scheme
# Enable the user interfaces to support SSH.
[Firewall-ui-vty0-4] protocol inbound ssh
[Firewall-ui-vty0-4] quit
# Configure a local user named client002 with the password aabbcc and the service type ssh.
[Firewall] local-user client002
[Firewall-luser-client002] password simple aabbcc
[Firewall-luser-client002] service-type ssh
[Firewall-luser-client002] quit
# Create an SSH user client002, and specify the user authentication method for the user as
password and service type as SFTP.
[Firewall] ssh user client002 service-type sftp authentication-type password
2. Establish a connection to the SFTP server:
The device supports different types of SFTP client software. The following uses PSFTP of PuTTY
version 0.58 as an example.
NOTE:
PSFTP supports only password authentication.
To establish a connection to the SFTP server:
a. Run the psftp.exe to launch the client interface as shown in Figure 89, and enter the following
command:
open 192.168.1.45