Configuring sftp, Overview, Configuring the firewall as an sftp server – H3C Technologies H3C SecPath F1000-E User Manual

175

Configuring SFTP

Overview

The Secure File Transfer Protocol (SFTP) is a new feature in SSH2.
SFTP uses the SSH connection to provide secure data transfer. The device can serve as the SFTP server,
allowing a remote user to log in to the SFTP server for secure file management and transfer. The device

can also serve as an SFTP client, enabling a user to log in from the device to a remote device for secure

file transfer.
With SSH connection across VPNs, you can configure the device as an SFTP client to establish
connections with SFTP servers in different MPLS VPNs. For more information about this function, see

"

Configuring SSH

."

Configuring the firewall as an SFTP server

Configuration prerequisites

Before you configure this task, complete the following tasks:

•

Configure the SSH server.

•

Use the ssh user service-type command to set the service type of SSH users to sftp or all.
For more information about the configuration procedures, see "Configuring SSH."

Enabling the SFTP server

This configuration task will enable the SFTP service so that a client can log in to the SFTP server through

SFTP.
To enable the SFTP server:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enable the SFTP server.

sftp server enable

Disabled by default

NOTE:

When the device functions as the SFTP server, only one client can access the SFTP server at a time. If the
SFTP client uses WinSCP, a file on the server cannot be modified directly; it can only be downloaded to a
local place, modified, and then uploaded to the server.