Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1202
Views
10
Helpful
1
Replies

minimum IOS version to support scp URLs

Go to solution
Thomas.Meyer
Level 1
Level 1

‎08-07-2014 04:16 AM

While recent IOS versions support scp sources or destinations for copy
operations ...

   aprompt#copy running-config ?
     flash1:         Copy to flash1: file system
     flash2:         Copy to flash2: file system
     flash:          Copy to flash: file system
     ftp:            Copy to ftp: file system
     http:           Copy to http: file system
     https:          Copy to https: file system
     null:           Copy to null: file system
     nvram:          Copy to nvram: file system
     rcp:            Copy to rcp: file system
     running-config  Update (merge with) current system configuration
     scp:            Copy to scp: file system
     startup-config  Copy to startup configuration
     system:         Copy to system: file system
     tftp:           Copy to tftp: file system
     tmpsys:         Copy to tmpsys: file system

   aprompt#copy running-config

... older ones obviously don't (here we have 12.1):

   aprompt#copy running-config ?
     bs:             Copy to bs: file system
     flash:          Copy to flash: file system
     ftp:            Copy to ftp: file system
     null:           Copy to null: file system
     nvram:          Copy to nvram: file system
     rcp:            Copy to rcp: file system
     running-config  Update (merge with) current system configuration
     startup-config  Copy to startup configuration
     system:         Copy to system: file system
     tftp:           Copy to tftp: file system
     xmodem:         Copy to xmodem: file system
     ymodem:         Copy to ymodem: file system
     zflash:         Copy to zflash: file system

   aprompt#copy running-config

Who could tell me the minumum version to support scp URLs?

Thanks and Regards, Thomas

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Vinod Arya
Cisco Employee
Cisco Employee

‎08-07-2014 06:57 AM

Ideally any feature set questions are answerable in Cisco Feature Navigator (http://www.cisco.com/go/fn).

The Secure Copy (SCP) feature provides a secure and authenticated method for copying router configuration or router image files. SCP relies on Secure Shell (SSH), an application and a protocol that provide a secure replacement for the Berkeley r-tools. So ideally you should be running crypto images (k9) which support SSH and hence SCP as well.

But following are some details about SCP, which may be helpful :

Feature Name
ReleasesFeature Information
Secure Copy12.2(2)T

12.0(21)S
12.2(25)S

This feature was introduced in Cisco IOS Release 12.2(2)T.

This feature was integrated into Cisco IOS Release 12.0(21)S.
This feature was integrated into Cisco IOS Release 12.2(25)S.
The following commands were introduced or modified: debug ip scpip scp server enable.

 

Following is details Feature Information for Secure Shell Version 2 Support:

 

Feature Name

Releases

Feature Information

Secure Shell Version 2 Support

12.2(11)T

12.2(25)S

12.3(4)T

15.3(2)S

The Secure Shell Version 2 Support feature allows you to configure Secure Shell (SSH) Version 2 (SSH Version 1 support was implemented in an earlier Cisco IOS software release). SSH runs on top of a reliable transport layer and provides strong authentication and encryption capabilities. SSH version 2 also supports AES counter-based encryption mode.

The following commands were introduced or modified: debug ip sship ssh min dh sizeip ssh rsa keypair-nameip ssh versionssh.

Secure Shell Version 2 Client and Server Support

12.0(32)SY

12.3(7)JA

12.4(17)

The Cisco IOS image was updated to provide for the automatic generation of SNMP traps when an SSH session terminates.

SSH Keyboard Interactive Authentication

12.2(33)SXH3

12.4(18)

The SSH Keyboard Interactive Authentication feature, also known as Generic Message Authentication for SSH, is a method that can be used to implement different types of authentication mechanisms. Basically, any currently supported authentication method that requires only user input can be performed with this feature.

Secure Shell Version 2 Enhancements

12.2(50)SY

12.4(20)T

15.1(2)S

The Secure Shell Version 2 Enhancements feature includes a number of additional capabilities such as support for VRF-aware SSH, SSH debug enhancements, and DH Group 14 and Group 16 exchange support.

In Cisco IOS 15.1(2)S, support was added for the Cisco 7600 series router.

Note   Only the VRF-aware SSH feature is supported in Cisco IOS Release 12.2(50)SY.

The following commands were introduced or modified: debug ip sship ssh dh min size.

Secure Shell Version 2 Enhancements for RSA Keys.

15.0(1)M

15.1(1)S

The Secure Shell Version 2 Enhancements for RSA Keys feature includes a number of additional capabilities to support RSA key-based user authentication for SSH and SSH server host key storage and verification.

The following commands were introduced or modified: ip ssh pubkey-chainip ssh stricthostkeycheck.

 

-Thanks

Vinod

**Encourage Contributors. RATE Them.**

 
-Thanks Vinod **Rating Encourages contributors, and its really free. **

View solution in original post

1 Reply 1

Go to solution
Vinod Arya
Cisco Employee
Cisco Employee

‎08-07-2014 06:57 AM

Ideally any feature set questions are answerable in Cisco Feature Navigator (http://www.cisco.com/go/fn).

The Secure Copy (SCP) feature provides a secure and authenticated method for copying router configuration or router image files. SCP relies on Secure Shell (SSH), an application and a protocol that provide a secure replacement for the Berkeley r-tools. So ideally you should be running crypto images (k9) which support SSH and hence SCP as well.

But following are some details about SCP, which may be helpful :

Feature Name
ReleasesFeature Information
Secure Copy12.2(2)T

12.0(21)S
12.2(25)S

This feature was introduced in Cisco IOS Release 12.2(2)T.

This feature was integrated into Cisco IOS Release 12.0(21)S.
This feature was integrated into Cisco IOS Release 12.2(25)S.
The following commands were introduced or modified: debug ip scpip scp server enable.

 

Following is details Feature Information for Secure Shell Version 2 Support:

 

Feature Name

Releases

Feature Information

Secure Shell Version 2 Support

12.2(11)T

12.2(25)S

12.3(4)T

15.3(2)S

The Secure Shell Version 2 Support feature allows you to configure Secure Shell (SSH) Version 2 (SSH Version 1 support was implemented in an earlier Cisco IOS software release). SSH runs on top of a reliable transport layer and provides strong authentication and encryption capabilities. SSH version 2 also supports AES counter-based encryption mode.

The following commands were introduced or modified: debug ip sship ssh min dh sizeip ssh rsa keypair-nameip ssh versionssh.

Secure Shell Version 2 Client and Server Support

12.0(32)SY

12.3(7)JA

12.4(17)

The Cisco IOS image was updated to provide for the automatic generation of SNMP traps when an SSH session terminates.

SSH Keyboard Interactive Authentication

12.2(33)SXH3

12.4(18)

The SSH Keyboard Interactive Authentication feature, also known as Generic Message Authentication for SSH, is a method that can be used to implement different types of authentication mechanisms. Basically, any currently supported authentication method that requires only user input can be performed with this feature.

Secure Shell Version 2 Enhancements

12.2(50)SY

12.4(20)T

15.1(2)S

The Secure Shell Version 2 Enhancements feature includes a number of additional capabilities such as support for VRF-aware SSH, SSH debug enhancements, and DH Group 14 and Group 16 exchange support.

In Cisco IOS 15.1(2)S, support was added for the Cisco 7600 series router.

Note   Only the VRF-aware SSH feature is supported in Cisco IOS Release 12.2(50)SY.

The following commands were introduced or modified: debug ip sship ssh dh min size.

Secure Shell Version 2 Enhancements for RSA Keys.

15.0(1)M

15.1(1)S

The Secure Shell Version 2 Enhancements for RSA Keys feature includes a number of additional capabilities to support RSA key-based user authentication for SSH and SSH server host key storage and verification.

The following commands were introduced or modified: ip ssh pubkey-chainip ssh stricthostkeycheck.

 

-Thanks

Vinod

**Encourage Contributors. RATE Them.**

 
-Thanks Vinod **Rating Encourages contributors, and its really free. **
Customers Also Viewed These Support Documents