How to transfer files between controllers using SCP?

MVP
MVP
Requirement:

How to transfer files between controller using SCP service on controller itself?



Solution:

Use case, customer may not have file transfer servers in his or her setup and in such case, we can use SCP service on controller to transfer files between controllers.

 

Enable SCP service on the controller where the file needs to be send to as that would act as the SCP server. No need to enable SCP service on the controller from where file is being sent.



Configuration:

To check if SCP service is enabled;

 

(MD) [MDC] #show scp 

service scp is disabled

 

To enable SCP service:

 

(MM) [00:1a:1e:x:x:x] (config) #service SCP
(MM) ^[00:1a:1e:x:x:x] (config) #show configuration pending 
service scp

 

To disable SCP service;

 

(MM) ^[00:1a:1e:x:x:x] (config) #no service scp

 

(MD) [MDC] #show scp 

service scp is enabled


Verification

Using local mgmt user:

 

(MM) [mynode] (config) #copy flash: mac_addr.cfg scp: <2nd controller ip> scp mac_addr.cfg 
Password:********


Secure file copy:
Press 'q' to abort.
................................................................................................................................................................................
File uploaded successfully

 

(MM) [mynode] (config) #copy flash: mac_addr.cfg scp: <2nd controller ip> admin mac_addr-1.cfg 
Password:********


Secure file copy:
Press 'q' to abort.
............................................................................................
File uploaded successfully

 

Dir output from 2nd controller

 

-rw-r--r--    1 root     root           18 Apr  9 03:02 mac_addr-1.cfg         <<<<<<<<<< filed copied using username admin
-rw-r--r--    1 root     root           18 Apr  9 03:01 mac_addr.cfg           <<<<<<<<<< filed copied using username scp

 

This does not work if management user is authenticated against external server.

 

(MM) [mynode] (config) #copy flash: mac_addr.cfg scp: <2nd controller ip> <AD username> mac_addr-2.cfg 
Password:**********


Secure file copy:
Press 'q' to abort.
................................................................................
Error copying file:
Permission denied: wrong username or password

 

On MD, we see authentication failure for AD username;

 

Apr 9 03:01:05 :199801:  <22234> <INFO> |sshd|  Accepted password for scp from x.x.x.x port 49756 ssh2
Apr 9 03:02:18 :199801:  <22538> <INFO> |sshd|  Accepted password for admin from x.x.x.x port 51242 ssh2
Apr 9 03:03:13 :125022:  <6894> <WARN> |aaa|  Authentication failed for User <AD username>, Logged in from x.x.x.x port 22, Connecting to x.x.x.x port 52402 connection type SSH
Apr 9 03:03:13 :199801:  <22814> <INFO> |sshd|  Failed password for <AD username> from x.x.x.x port 52402 ssh2
Version history
Revision #:
2 of 2
Last update:
3 weeks ago
Updated by:
 
Labels (1)
Contributors