350
Syntax
In non-FIPS mode:
sftp
server
[
port-number
] [
vpn-instance
vpn-instance-name
]
[
identity-key
{
dsa
|
rsa
} |
prefer-compress
{
zlib
|
zlib-openssh
} |
prefer-ctos-cipher
{
3des
|
aes128
|
des
} |
prefer-ctos-hmac
{
md5
|
md5-96
|
sha1
|
sha1-96
} |
prefer-kex
{
dh-group-exchange
|
dh-group1
|
dh-group14
} |
prefer-stoc-cipher
{
3des
|
aes128
|
des
} |
prefer-stoc-hmac
{
md5
|
md5-96
|
sha1
|
sha1-96
} ] *
In FIPS mode:
sftp
server
[
port-number
]
[
vpn-instance
vpn-instance-name
] [
identity-key
rsa
|
prefer-ctos-cipher
{
aes128
|
aes256
} |
prefer-ctos-hmac
{
sha1
|
sha1-96
} |
prefer-kex
dh-group14
|
prefer-stoc-cipher
{
aes128
|
aes256
} |
prefer-stoc-hmac
{
sha1
|
sha1-96
} ] *
Views
User view
Default command level
3: Manage level
Parameters
server
: Specifies an IPv4 server by its address or host name, a case-insensitive string of 1 to 20
characters.
port-number
: Specifies the port number of the server, in the range of 0 to 65535. The default is 22.
vpn-instance
vpn-instance-name
: Specifies the MPLS L3VPN to which the server belongs, where
the
vpn-instance-name
argument
is a case-sensitive string of 1 to 31 characters. If the server is on
the public network, do not specify this option.
identity-key
: Specifies the algorithm for publickey authentication, either
dsa
or
rsa
. In non-FIPS
mode, the algorithm is either
dsa
or
rsa
. In FIPS mode, the algorithm is
rsa
.
•
dsa
: Specifies the public key algorithm
dsa.
•
rsa
: Specifies the public key algorithm
rsa
.
prefer-compress
: Specifies the preferred compression algorithm. By default, the compression
algorithm is not used.
•
zlib
: Specifies the compression algorithm ZLIB.
•
zlib-openssh
: Specifies the compression algorithm [email protected].
prefer-ctos-cipher
: Specifies the preferred client-to-server encryption algorithm. The default is
aes128
.
•
3des
: Specifies the encryption algorithm 3des-cbc. This keyword is not available in FIPS mode.
•
aes128
: Specifies the encryption algorithm aes128-cbc.
•
aes256
: Specifies the encryption algorithm aes256-cbc. This keyword is not available in
non-FIPS mode.
•
des
: Specifies the encryption algorithm des-cbc. This keyword is not available in FIPS mode.
prefer-ctos-hmac
: Specifies the preferred client-to-server HMAC algorithm. The default is
sha1-96
.
•
md5
: Specifies the HMAC algorithm hmac-md5. This keyword is not available in FIPS mode.
•
md5-96
: Specifies the HMAC algorithm hmac-md5-96. This keyword is not available in FIPS
mode.
•
sha1
: Specifies the HMAC algorithm hmac-sha1.
•
sha1-96
: Specifies the HMAC algorithm hmac-sha1-96.
prefer-kex
: Specifies the preferred key exchange algorithm. The default is
dh-group-exchange
in
non-FIPS mode, and is
dh-group14
in FIPS mode.