Secure Copy Protocol Overview; Secure Copy Protocol Concepts - Cisco Catalyst 2960-XR Security Configuration Manual
Ios release 15.0 2 ex1
Hide thumbs
Also See for Catalyst 2960-XR:
- Configuration manual (196 pages) ,
- Configuration manuals (120 pages) ,
- Reference (52 pages)
Table of Contents
Advertisement
Secure Copy Protocol Overview
• When configuring the local authentication and authorization authentication method, make sure that AAA
Related Topics
Setting Up the Switch to Run SSH, on page 89
Configuring the Switch for Local Authentication and Authorization, on page 81
Secure Copy Protocol Overview
The Secure Copy Protocol (SCP) feature provides a secure and authenticated method for copying switch
configurations or switch image files. SCP relies on Secure Shell (SSH), an application and a protocol that
provides a secure replacement for the Berkeley r-tools.
For SSH to work, the switch needs an RSA public/private key pair. This is the same with SCP, which relies
on SSH for its secure transport.
Because SSH also relies on AAA authentication, and SCP relies further on AAA authorization, correct
configuration is necessary.
• Before enabling SCP, you must correctly configure SSH, authentication, and authorization on the switch.
• Because SCP relies on SSH for its secure transport, the router must have an Rivest, Shamir, and Adelman
When using SCP, you cannot enter the password into the copy command. You must enter the password
Note
when prompted.
Secure Copy Protocol Concepts
The Secure Copy Protocol (SCP) feature provides a secure and authenticated method for copying switch
configurations or switch image files. SCP relies on Secure Shell (SSH), an application and a protocol that
provides a secure replacement for the Berkeley r-tools.
To configure the Secure Copy feature, you should understand the SCP concepts.
The behavior of SCP is similar to that of remote copy (rcp), which comes from the Berkeley r-tools suite,
except that SCP relies on SSH for security. SCP also requires that authentication, authorization, and accounting
(AAA) authorization be configured so the router can determine whether the user has the correct privilege
level.
For information about how to configure and verify SCP, see the "Secure Copy Protocol" section in the Cisco
IOS Security Configuration Guide: Securing User Services, Release 12.4.
Related Topics
Prerequisites for Configuring the Switch for Secure Shell (SSH) and Secure Copy Protocol (SCP), on
page 85
Restrictions for Configuring the Switch for SSH, on page 86
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
88
is disabled on the console.
(RSA) key pair.
Configuring Secure Shell (SSH)
OL-29434-01
Hide quick links:
Advertisement
Table of Contents
