HCNA实验指南-配置路由器开启SFTP

实验内容使用AR1作为SFTP的Server，AR2作为SFTP的Client，模拟用户从AR2通过SFTP登陆到AR1。AR1 IP：192.168.1.1AR2 IP：192.168.1.10us

.

实验内容
使用AR1作为SFTP的Server，AR2作为SFTP的Client，模拟用户从AR2通过SFTP登陆到AR1。
AR1 IP：192.168.1.1
AR2 IP：192.168.1.10
user：admin1，password：admin1，有管理权限

AR1（192.168.1.1），配置如下：

<Huawei>syste   <Huawei>system-view Enter system view, return user view with Ctrl+Z.[Huawei]sysname AR1[AR1]rsa local-key-pair create The key name will be: Host% RSA keys defined for Host already exist.Confirm to replace them? (y/n)[n]:yThe range of public key size is (512 ~ 2048).NOTES: If the key modulus is greater than 512,       It will take a few minutes.Input the bits in the modulus[default = 512]:Generating keys..........++++++++++++..............++++++++++++..........................................................++++++++.....++++++++[AR1]interface g0/0/0[AR1-GigabitEthernet0/0/0]ip add 192.168.1.1 24[AR1-GigabitEthernet0/0/0]aaa[AR1-aaa]local-user admin1 password cipher admin1 privilege level 3[AR1-aaa]local-user admin1 service-type ssh[AR1-aaa]local-user admin1 ftp-directory flash:[AR1-aaa]user-interface vty 0 4[AR1-ui-vty0-4]protocol inbound ssh[AR1-ui-vty0-4]authentication-mode aaa[AR1-ui-vty0-4]quit[AR1]sftp server enable[AR1]display ssh server status SSH version                         :1.99   SSH connection timeout              :60 seconds SSH server key generating interval  :0 hours SSH Authentication retries          :3 times SFTP Server                         :Enable Stelnet server                      :Disable[AR1]display ssh server session  -------------------------------------------------------------------- Conn   Ver   Encry     State  Auth-type        Username -------------------------------------------------------------------- VTY 0  2.0   AES       run    password         admin1                           ---------------------------------------------------------------

AR2（192.168.1.10），配置如下：

<Huawei>system-view [Huawei]interface g0/0/0[Huawei-GigabitEthernet0/0/0]ip add 192.168.1.10 24[Huawei-GigabitEthernet0/0/0]quit[Huawei]ssh client first-time enable [Huawei]sftp 192.168.1.1Please input the username:admin1Trying 192.168.1.1 ...Press CTRL+K to abortThe server is not authenticated. Continue to access it? (y/n)[n]:yJan 23 2020 00:43:51-08:00 Huawei %%01SSH/4/CONTINUE_KEYEXCHANGE(l)[2]:The server had not been authenticated in the process of exchanging keys. When deciding whether to continue, the user chose Y. sftp-client>Save the server's public key? (y/n)[n]:yThe server's public key will be saved with the name 192.168.1.1. Please wait...Jan 23 2020 00:43:53-08:00 Huawei %%01SSH/4/SAVE_PUBLICKEY(l)[3]:When deciding whether to save the server's public key 192.168.1.1, the user chose Y. sftp-client>Enter password:sftp-client>

.