Supported SCP client configurations

SCP client automatically uses the authentication methods, encryption algorithm, and data compression level configured for SSH.

For example, if password authentication is enabled for SSH, you are prompted for a user name and password before SCP allows a file to be transferred.

The following conditions also apply:

  • SCP is enabled by default and can be enabled or disabled using the ip ssh scp disable | enable command.
  • If SSH is disabled, SCP is disabled automatically.
  • The SCP client session uses one SSH outbound client session.
  • Because the SCP client internally uses the SSH2 client for creating outbound SSH sessions from the device, all configurations related to the SSH2 client are required for SCP client support, as described here:
    • The SSH2 server on the device must be enabled by creating an SSH server DSA or RSA key pair; otherwise, the SSH2 client cannot be used.
    • You can use the crypto key client { generate | zeroize } dsa command to generate or delete an SSH-client-DSA key pair. The SSH-client-DSA public key is stored in the file - $$sshdsapub.key.
    • You can use the crypto key client generate rsa [modulus 1024 | 2048 ] command to generate an SSH-client-RSA key pair. The SSH-client-RSA public key is stored in the file $$sshrsapub.key.
    • You can use the crypto key client zeroize rsa command to delete an SSH-client-RSA key pair.

Beginning with 8.0.30d release, the SCP file transfer speed over high latency connections is increased.