Table of Contents
Advertisement
HUAWEI USG6000&USG9500
Upgrade Guide
Figure 1-56 Schematic diagram of uploading/downloading files through SFTP and with the
USG6000 serving as the SFTP server
The roadmap for configuring an SFTP client (PC2) to communicate with an SSH server
(USG6000) is as follows (RSA authentication is used):
l
l
l
l
l
l
Procedure
Step 1 Enable the SSH service on interface GigabitEthernet 0/0/0.
<NGFW> system-view
[NGFW] interface GigabitEthernet 0/0/0
[NGFW-GigabitEthernet0/0/0] service-manage ssh permit
[NGFW-GigabitEthernet0/0/0] service-manage enable
[NGFW-GigabitEthernet0/0/0] quit
Log in to the USG6000 from PC1 through Telnet/SSH.
Step 2 Create an SSH user on the USG6000.
Enable the SFTP service
[FW] sftp server enable
Configure an authentication mode and a protocol on the VTY interface.
[FW] user-interface vty 0 4
[FW-ui-vty0-4] authentication-mode aaa
[FW-ui-vty0-4] protocol inbound ssh
[FW-ui-vty0-4] quit
Create SSH user client and set the authentication type to rsa, service type to SFTP, and
service directory to hda1:
Issue 01 (2018-01-16)
NOTE
You can also use a PC as both the Telnet/SSH client and the SFTP server. The following example
describes takes the two-PC deployment.
Create an SSH user on the USG6000.
Configure a local key pair for PC2 and the USG6000.
Copy the public key of PC2 to the USG6000.
On the USG6000, bind the SSH user to the public key of PC2.
Enable SFTP services on the USG6000.
Configure the SSH user to log in to the USG6000 from PC2.
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
1 USG6000
98
Hide quick links:
Advertisement
Table of Contents
