CHAPTER 10
Secure Copy
This document provides the procedure to configure a Cisco device for Secure Copy (SCP) server-side
functionality.
• Prerequisites for Secure Copy, on page 245
• Information About Secure Copy, on page 245
• How to Configure Secure Copy, on page 246
• Configuration Examples for Secure Copy, on page 249
• Additional References for Secure Copy, on page 250
• Feature Information for Secure Copy, on page 250
Prerequisites for Secure Copy
• Configure Secure Shell (SSH), authentication, and authorization on the device.
• Because the Secure Copy Protocol (SCP) relies on SSH for its secure transport, the device must have a
Rivest, Shamir, and Adelman (RSA) key pair.
Information About Secure Copy
The Secure Copy feature provides a secure and authenticated method for copying switch configurations or
switch image files. The Secure Copy Protocol (SCP) relies on Secure Shell (SSH), an application and a protocol
that provides a secure replacement for the Berkeley r-tools.
The behavior of SCP is similar to that of Remote Copy Protocol (RCP), which comes from the Berkeley
r-tools suite (Berkeley university’s own set of networking applications), except that SCP relies on SSH for
security. In addition, SCP requires authentication, authorization, and accounting (AAA) to be configured to
ensure that the device can determine whether a user has the correct privilege level.
SCP allows only users with a privilege level of 15 to copy a file in the Cisco IOS File System (Cisco IFS) to
and from a device by using the copy command. An authorized administrator can also perform this action from
a workstation.
System Management Configuration Guide, Cisco IOS XE Amsterdam 17.2.x (Catalyst 9500 Switches)
245
To Next Page
Loading...
