Archive for September, 2018

Cisco and SCP Notes

Using scp top copy configuration files and update software on Cisco equipment is a much better and secure way than tftp/ftp. Here are the basics for a couple Cisco devices.

ASA 5525:
To enable scp on a Cisco ASA running version 9.x:
(config)# ssh scopy enable

To harden ssh on a Cisco ASA running version 9.x:
(config)# ssh stricthostkeycheck
(config)# ssh timeout 60
(config)# ssh version 2
(config)# ssh cipher encryption medium
(config)# ssh cipher integrity medium
(config)# ssh key-exchange group dh-group14-sha1

How to copy a running configuration using scp:
# copy system:/running-config scp://username@aaa.bbb.ccc.ddd/myconfigname.cfg

3750 Switch Notes:
To enable scp on a 3750 switch:
#ip scp server enable

How to copy a running configuration from the ASA using scp:
#copy system:/running-config scp://username@aaa.bbb.ccc.ddd/myconfigname.cfg

How to copy from remote linux client:
# scp username@aaa.bbb.ccc.ddd:system:running-config .

Protected: ASA Clue

This content is password protected. To view it please enter your password below:

Return top

INFORMATION