154
Backslash \ Right angle bracket >
Vertical bar | Quotation marks "
Colon : Apostrophe '
server-pki-domain domain-name: Specifies the PKI domain for verifying the server's certificate.
The domain-name argument represents the PKI domain name, a case-insensitive string of 1 to 31
characters, excluding the characters listed in Table 8.
prefer-compress: Specifies the preferred compression algorithm for data compression between the
server and the client. By default, compression is not supported.
zlib: Specifies the compression algorithm zlib.
dscp dscp-value: Specifies the DSCP value in the IPv6 SFTP packets. The value range for the
dscp-value argument is 0 to 63, and the default value is 48. The DSCP value determines the
transmission priority of the packet.
source: Specifies a source IP address or source interface for IPv6 SFTP packets. By default, the
device automatically selects a source address for IPv6 SFTP packets in compliance with RFC 3484.
For successful IPv6 SFTP connections, use one of the following methods:
Specify the loopback interface as the source interface.
Specify the IPv6 address of the loopback interface as the source IPv6 address.
interface interface-type interface-number: Specifies a source interface by its type and number. The
IPv6 address of this interface is the source IP address of the IPv6 SFTP packets.
ipv6 ipv6-address: Specifies a source IPv6 address.
Usage guidelines
If the client and the server have negotiated to use certificate authentication, the client must verify the
server's certificate. For the client to correctly get the server's certificate, you must specify the server's
PKI domain on the client by using the server-pki-domain domain-name option. The client uses the
CA certificate stored in the specified PKI domain to verify the server's certificate and does not need to
save the server's public key before authentication. If you do not specify the server's PKI domain, the
client uses the PKI domain of its own certificate to verify the server's certificate.
Examples
# Use the 192-bit Suite B algorithms to establish a connection to the SFTP sever 2000::1. Specify
the client's PKI domain and the server's PKI domain as clientpkidomain and serverpkidomain,
respectively.
<Sysname> sftp ipv6 2000::1 suite-b 192-bit pki-domain clientpkidomain server-pki-domain
serverpkidomain
New command: sftp suite-b
Use sftp suite-b to establish a connection to an IPv4 SFTP server based on Suite B algorithms and
enter SFTP client view.
To Next Page
Loading...
Need help?
General
