Hola chicos,

Hoy me gustaría compartir con ustedes un método seguro de administrar archivos entre sistemas. Apuesto a que escuchó sobre SCP o Copia segura, pero si no lo sabe, es un método cliente-servidor basado en SSH que puede permitir la transferencia segura de archivos de un host a otro.

Haré una demostración de cómo se puede configurar este protocolo en la serie de switches lan S5700 usando la interfaz de línea de comandos. Consideremos un escenario cliente-servidor, un conmutador será el servidor SSH y el segundo el cliente SSH.

Configuración del servidor:

#                                                                               
aaa                                                                            
 
 local-user test password cipher %@%@Bi29HO<d{Bn*kPPc|>yQK<X3Akw3X'v%a6lsdT4r-Y@                       ------test@12345678901234567890
M<X6K%@%@                                                                       
 local-user test privilege level 3                                              
 local-user test ftp-directory flash:                                           
 local-user test service-type ssh                                               
#        
                   
#         
scp server enable                                                               
ssh authentication-type default password                                                                       
ssh user test                                                                   
ssh user test authentication-type password                                      
ssh user test service-type all                                                  
ssh user test sftp-directory flash:                                             
ssh client first-time enable                                                    
ssh client 10.136.22.176 assign rsa-key 10.136.22.176                           
#   

Detalles del cliente:

[S57SI_21_40]display dev                                                        
S5748TP-SI-AC's Device status:                                                  
Slot Sub  Type                Online    Power      Register     Status   Role   
------------------------------------------------------------------------------- 
0    -    S5748TP-SI          Present   PowerOn    Registered   Normal   Master 
     3    FAN                 Present   PowerOn    Registered   Normal   NA     
     4    POWER               Present   PowerOn    Registered   Normal   NA  
[S57SI_21_40]display vers                                                       
Huawei Versatile Routing Platform Software                                      
VRP (R) software, Version 5.150 (S5700 V200R005C00SPC300)                       
Copyright (C) 2000-2014 HUAWEI TECH CO., LTD                                    
Quidway S5748TP-SI-AC Routing Switch uptime is 0 week, 0 day, 1 hour, 24 minutes
                                                                                
CX22EFGEC 0(Master) : uptime is 0 week, 0 day, 1 hour, 23 minutes               
256M bytes DDR Memory                                                           
32M bytes FLASH                                                                 
Pcb      Version :  VER.B                                                       
Basic  BOOTROM  Version :  241 Compiled at Mar 21 2014, 16:57:13                
CPLD   Version : 6                                                              
Software Version : VRP (R) Software, Version 5.150 (V200R005C00SPC300)          
FANCARD I information                                                           
Pcb      Version : FAN VER.B                                                    
PWRCARD I information                                                           
Pcb      Version : PWR VER.A  

Cómo funciona?

[S57SI_21_40]scp test@10.136.28.114:s63ei.cfg s63ei.cfg                         
Trying 10.136.28.114 ...                                                        
Press CTRL+K to abort                                                           
Connected to 10.136.28.114 ...                                                  
The server is not authenticated. Continue to access it? [Y/N] :y                
Save the server's public key? [Y/N] :y                                          
The server's public key will be saved with the name 10.136.28.114. Please wait..
.                                                                               
                                                                                
Please select public key type for user authentication [R for RSA; D for DSA; Ent
er for Skip publickey authentication; Ctrl_C for Cancel], Please select [R, D, E
nter or Ctrl_C]:                                                                
Enter password:                                                                 
                                                                                
s63ei.cfg                      100%         5783Bytes            6Kb/s     

Espero que este articulo les sea útil!