170
{ sha1 | sha1-96 } ] * [ publickey keyname | source { interface interface-type interface-number |
ipv6 ipv6-address } ] *
New syntax
In non-FIPS mode:
scp ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type
interface-number ] { put | get } source-file-name [ destination-file-name ] [ identity-key { dsa | ecdsa
| rsa | { x509v3-ecdsa-sha2-nistp384 | x509v3-ecdsa-sha2-nistp256 } pki-domain domain-name }
| prefer-compress zlib | prefer-ctos-cipher { 3des-cbc | aes128-cbc | aes256-cbc | des-cbc |
aes128-ctr | aes192-ctr | aes256-ctr | aes128-gcm | aes256-gcm } | prefer-ctos-hmac { md5 |
md5-96 | sha1 | sha1-96 | sha2-256 | sha2-512 } | prefer-kex { dh-group-exchange-sha1 |
dh-group1-sha1 | dh-group14-sha1 | ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } |
prefer-stoc-cipher { 3des-cbc | aes128-cbc | aes256-cbc | des-cbc | aes128-ctr | aes192-ctr |
aes256-ctr | aes128-gcm | aes256-gcm } | prefer-stoc-hmac { md5 | md5-96 | sha1 | sha1-96 |
sha2-256 | sha2-512 } ] * [ { public-key keyname | server-pki-domain domain-name } | source
{ interface interface-type interface-number | ipv6 ipv6-address } ] *
In FIPS mode:
scp ipv6 server [ port-number ] [ vpn-instance vpn-instance-name ] [ -i interface-type
interface-number ] { put | get } source-file-name [ destination-file-name ] [ identity-key { ecdsa | rsa
| { x509v3-ecdsa-sha2-nistp384 | x509v3-ecdsa-sha2-nistp256 } pki-domain domain-name } |
prefer-compress zlib | prefer-ctos-cipher { aes128-cbc | aes256-cbc | aes128-ctr | aes192-ctr |
aes256-ctr | aes128-gcm | aes256-gcm } | prefer-ctos-hmac { sha1 | sha1-96 | sha2-256 |
sha2-512 } | prefer-kex { dh-group14-sha1 | ecdh-sha2-nistp256 | ecdh-sha2-nistp384 } |
prefer-stoc-cipher { aes128-cbc | aes256-cbc | aes128-ctr | aes192-ctr | aes256-ctr |
aes128-gcm | aes256-gcm } | prefer-stoc-hmac { sha1 | sha1-96 | sha2-256 | sha2-512 } ] *
[ { public-key keyname | server-pki-domain domain-name } | source { interface interface-type
interface-number | ipv6 ipv6-address } ] *
Views
User view
Change description
The following keywords were added:
Keywords for specifying PKI domains used in certificate verification:
ï‚¡ pki-domain domain-name: Specifies the PKI domain of the client's certificate. When the
public key algorithm is x509v3 (x509v3-ecdsa-sha2-nistp256 or
x509v3-ecdsa-sha2-nistp384), you must specify this option for the client to get the correct
local certificate.
ï‚¡ server-pki-domain domain-name: Specifies the PKI domain for verifying the server's
certificate. The domain-name argument represents the PKI domain name, a
case-insensitive string of 1 to 31 characters. If you do not specify the server's PKI domain,
the client uses the PKI domain of its own certificate to verify the server's certificate.
The PKI domain name cannot contain characters in the following table:
To Next Page
Loading...
Need help?
General
