×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Fetch/depoly images with SCP

Unanswered Question
Sep 24th, 2006
User Badges:

Folks,


I'm trying to beef-up security in our network. I've changed several test machines to work with SSH and SCP instead of Telnet and TFTP. Also enabled SNMPv3 with authentication.


Device Credentials test shows OK for SNMPv3, SSH and Enable in SSH.

I can safetly use putty to login via SSH to the equipment(Cisco 3800_ISR, Cat2960). Enabled SCP according to the docs + AAA configs.

I've tried to fetch an image from one of these devices, but the job failed with an error.


Same goes for Config files.


Please review my config below:

aaa new-model

aaa authentication login default local

aaa authentication enable default none

aaa authorization exec default local

username myuser privilege 15 password 0 justuser



ip domain-name mydom.com

ip ssh time-out 120

ip ssh authentication-retries 3

ip ssh version 2

ip ssh source-interface Loopback0

ip scp server enable


snmp-server group MyGRP v3 auth read MyUser write MyUser

snmp-server group MyGRP v3 auth


Thanks,


Y.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
y-korolevski Mon, 09/25/2006 - 05:46
User Badges:

Unfortunately I'm not in front of the system console at the moment. I recall that it says something about SCP error. It appeared just right after the message that "The device is locked for access".

Actions

This Discussion