Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipmentRPM-XF
12345678910
10
Release Notes for Cisco MGX 8880 Software Release 5.4.00
OL-11772-01
Release 5.3.00 Features and Enhancements
SFTP Limitations
The SFTP feature has the following limitations:
Maximum of 4 simultaneous sessions
Sessions have an infinite timeout
Must use forward slash (/) for path names
The following SFTP commands are not supported:
chown
chmod
chgrp
ln
rename, with absolute filenames
Symlink
Disabling Telnet and FTP
By default, the PXM45 permits unsecured access from Telnet and FTP clients, as well as secure access
from SSH and SFTP clients. A new option (16) of the cnfndparm command, along with an existing
option (15), disables unsecured Telnet and FTP access from remote hosts, while permitting secure SFTP
and SSH sessions.
If you plan to use SFTP and SSH on the PXM45, you should consider disabling FTP and Telnet access
to improve security. Telnet and FTP transfer all user ID, password, and session management information
between the client and the PXM45 using clear text. Clear, or unencrypted, text can be read by network
analysis and snooping tools.
Initializing SFTP
Upgrading PXM software is not sufficient to initialize and enable the SFTP feature. You must initialize
the sshd_config file and reset the MGX chassis. Because resetting a chassis can interrupt traffic, you
should initialize SFTP before upgrading software so you don’t need to reset it later.
To initialize SFTP, perform the following steps:
Step 1 Initiate an FTP session with the PXM card.
Step 2 Change to the F:/SSHD directory.
Step 3 Get the sshd_conf file from the F:/SSHD directory.
Step 4 Append the line subsystem sftp sftp to the file.
Step 5 Put the sshd_conf file into the F:/SSHD directory.
Option 15 Type yes to disable Telnet access to this switch. Type no to enable Telnet access.
Default: no (Telnet access is enabled)
Option 16 Type yes to disable unsecured access to this switch, either Telnet or FTP. Changing this
option from no to yes automatically changes Option 15 to yes. Changing from yes to
no has no affect on Option 15.
Default: no (Unsecured access is enabled)