The following table lists the Secure Copy (SCP) commands that are available to compensate for equivalent existing functionality of TFTP commands disabled in FIPS mode.
|
Command functionality |
TFTP commands not allowed in FIPS mode |
SCP commands with corresponding functionality in FIPS mode |
|---|---|---|
|
Import a digital certificate |
ip ssl certificate-data-file tftp ip-address certificate-filename |
scp certificate-filename user@ip-address:sslCert |
|
Import an RSA private key from a client |
ip ssl private-key-file tftp ip-address key-filename |
scp key-filename user@ip-address: sslPrivKey |
|
Load an RSA public key file from a client |
ip ssh pub-key-file tftp ip-address key-filename |
scp key-filename user@ ip-address: sshPubKey |
To import a digital certificate using SCP, enter a command such as the following:
C:> scp certfile user@192.168.89.210:sslCert
Syntax: scp certificate-filename user@ip-address:sslCert
Note
The scp command is not supported on NetIron CER devices.The certificate-filename variable is the file name of the digital certificate that you are importing to the device.
The ip-address variable is the IP address of the server from which the digital certificate file is downloaded.
The functionality of the scp command is equivalent to that of the disabled ip ssl certificate-data-file tftp command.
For more information on the scp command, refer to the Extreme NetIron Routing Configuration Guide.
To import an RSA private key from a client using SCP, enter a command such as the following:
C:> scp keyfile user@192.168.9.210:sslPrivKey
Syntax: scp key-filename user@ip-address:sslPrivKey
Note
The scp command is not supported on NetIron CER devices.The key-filename variable is the file name of the private key that you want to import into the device.
The ip-address variable is the IP address of the server that contains the private key file.
The functionality of the scp command is equivalent to that of the disabled ip ssl private-key-file tftp command.
For more information on the scp command, refer to the Extreme NetIron Routing Configuration Guide.