IOS¤ÇSCP¤òÍøÍѤ¹¤ë
- ¥«¥Æ¥´¥ê:
- Cisco
º£²ó¤ÏSCP¤òÍøÍѤ·¤¿¥Õ¥¡¥¤¥ë¤ÎžÁ÷¤òÀßÄꤷ¤Þ¤¹¡£°ÊÁ°¤ÎIOS¤Ïftp-server¥³¥Þ¥ó¥É¤òÍøÍѤ·¤ÆFTP¥µ¡¼¥Ð¤È¤·¤Æ²Ôư¤µ¤»¤ë¤³¤È¤¬½ÐÍè¤Þ¤·¤¿¤¬¡¢¸½ºß¤ÏÄ̾ïÍøÍѽÐÍè¤Þ¤»¤ó¡£Âå¤ï¤ê¤Ë¤è¤ê°ÂÁ´¤ÊSCP¤ò»È¤¤¤Þ¤¹¡£SCP¤ÏSSH¤Îµ¡Ç½¤Î°ì¤Ä¤Ç¡¢°Å¹æ²½¤·¤¿¾õÂ֤ǥե¡¥¤¥ë¤òžÁ÷¤·¤Þ¤¹¤Î¤ÇFTP¤è¤ê°ÂÁ´¤Ç¤¹¡£
SCP¤òÍøÍѤ¹¤ë¤Ë¤Ï¡¢SSH¤¬É¬ÍפǤ¹¡£¤Þ¤º¡¢SSH¤ò͸ú¤Ë¤·¤Þ¤¹¡£
R1(config)#ip domain-name example.com R1(config)#crypto key generate rsa modulus 1024 |
F0/0¤ÏR2(12.12.12.2)¤ËÀܳ¤µ¤ì¤Æ¤ª¤ê¡¢F0/1¤ÏLAN¤ÇLinux¥µ¡¼¥Ð¤ÈÀܳ¤µ¤ì¤Æ¤¤¤Þ¤¹¡£
R1(config)#do sh ip int b Interface IP-Address OK? Method Status Protocol FastEthernet0/0 12.12.12.1 YES manual up up FastEthernet0/1 192.168.0.100 YES manual up up |
¤Þ¤ºÇ§¾Ú¤Î¤¿¤á¤ËAAA¤ò͸ú¤Ë¤·¤Þ¤¹¡£
R1(config)#aaa new-model |
AAA¤Çauthentication loing¤Èauthorization exec¤ò͸ú¤·¤Þ¤¹¡£º£²ó¤Ï¥í¡¼¥«¥ëǧ¾Ú¤òÍøÍѤ·¤Þ¤¹¡£
R1(config)#aaa authentication login default local R1(config)#aaa authorization exec default local |
ǧ¾Ú¤Ë»È¤¦¥æ¡¼¥¶¤òºîÀ®¤·¤Þ¤¹¡£¥æ¡¼¥¶Ì¾¤È¥Ñ¥¹¥ï¡¼¥É¶¦¡¢cisco¤Ë¤·¤Þ¤·¤¿¡£privilege¤ÎÀßÄê¤ËÃí°Õ¤¬É¬ÍפǤ¹¡£¥ì¥Ù¥ë¤Ë¤è¤Ã¤Æ¥Õ¥¡¥¤¥ë¤ÎÊݸ¤¬¥¨¥é¡¼¤Ë¤Ê¤ê¤Þ¤¹¡£
R1(config)#username cisco privilege 15 secret cisco |
ºÇ¸å¤Ëip scp server enable¤ÇSCP¤ò͸ú¤Ë¤·¤Þ¤¹¡£SSH¤ò͸ú¤Ë¤·¤¿¤À¤±¤Ç¤ÏSCP¤ÏÍøÍѤǤ¤Þ¤»¤ó¡£
R1(config)# ip scp server enable |
Àܳ¤Î³Îǧ¤Î¤¿¤á¤Ë¥Ç¥Ð¥°¤ò͸ú¤·¤Þ¤¹¡£
R1#debug ip scp Incoming SCP debugging is on |
¤Þ¤ºLinux¤Ë¤¢¤ë¥Õ¥¡¥¤¥ë(scp-test.txt)¤òR1¤ËžÁ÷¤·¤Þ¤¹¡£¤³¤³¤Ç¤Ï¥ë¡¼¥¿¤Îflash¤ËÊݸ¤ò¼Â¹Ô¤·¤Æ¤¤¤Þ¤¹¡£¥Õ¥¡¥¤¥ë̾(from_linux)¤Þ¤Ç»ØÄꤷ¤Þ¤¹¡£
$ cat scp-test.txt File from Linux to IOS. $ scp scp-test.txt cisco@192.168.0.100:flash:from_linux The authenticity of host '192.168.0.100 (192.168.0.100)' can't be established. RSA key fingerprint is 1d:a4:f5:d8:f8:88:6c:03:41:2c:b7:e2:d7:da:d1:51. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.0.100' (RSA) to the list of known hosts. Password: ¢« ¥Ñ¥¹¥ï¡¼¥É¤òÆþÎÏ scp-test.txt 100% 24 0.0KB/s 00:00 |
R1¤Î¥í¥°¤ò³Îǧ¤·¡¢ÆÏ¤¤¤¿¥Õ¥¡¥¤¥ë¤òmore¥³¥Þ¥ó¥É¤Çɽ¼¨¤·¤Æ¤¤¤Þ¤¹¡£
R1# Apr 25 07:53:26.823: SCP: [22 -> 192.168.0.180:34063] send <OK> Apr 25 07:53:26.843: SCP: [22 <- 192.168.0.180:34063] recv C0644 24 scp-test.txt Apr 25 07:53:26.855: SCP: [22 -> 192.168.0.180:34063] send <OK> Apr 25 07:53:26.875: SCP: [22 <- 192.168.0.180:34063] recv 24 bytes Apr 25 07:53:27.071: SCP: [22 <- 192.168.0.180:34063] recv <OK> Apr 25 07:53:27.075: SCP: [22 -> 192.168.0.180:34063] send <OK> Apr 25 07:53:27.079: SCP: [22 <- 192.168.0.180:34063] recv <EOF> R1# R1#dir flash: Directory of flash:/ 12 -rw- 24 Apr 25 2011 16:53:27 +09:00 from_linux 16777212 bytes total (16499660 bytes free) R1#more flash:from_linux File from Linux to IOS. |
IOS¤«¤éSCP¤òÍøÍѤ¹¤ë¤Ë¤Ïcopy¥³¥Þ¥ó¥É¤òÍøÍѤ·¤Þ¤¹¡£²¼µ¤Ïrunning-config¤ò¥³¥Ô¡¼¤¹¤ëÎã¤Ç¤¹¡£
R2#copy running-config scp://cisco@12.12.12.1/ Address or name of remote host [12.12.12.1]? Destination username [cisco]? Destination filename [r2-confg]? Writing r2-confg Password: ¢« ¥Ñ¥¹¥ï¡¼¥É¤òÆþÎÏ ! 1289 bytes copied in 14.320 secs (90 bytes/sec) |
žÁ÷¤µ¤ì¤Æ¤¤¤ë¤³¤È¤¬Ê¬¤«¤ê¤Þ¤¹¡£
R1#dir flash: Directory of flash:/ ¡Áά¡Á 15 -rw- 1289 Apr 25 2011 17:00:09 +09:00 r2-confg ¡Áά¡Á R1#more flash:r2-confg ! ! Last configuration change at 15:13:53 JST Mon Apr 25 2011 ! version 12.4 ¡Áά¡Á |