Network technologies and trends

Nov 14 2009   7:13AM GMT

How to configure Secure Copy (SCP) in Cisco Devices?

Yasir Irfan Yasir Irfan Profile: Yasir Irfan

In my previous post I was talking about the Secure Copy (SCP) what is it?  , now let’s see how to configure Secure Copy (SCP) in a Cisco Router or a Switch.

In order to configure Secure Copy (SCP) in a Cisco Router make sure the SSH is enabled and its working.

Step 1) Lets enable the SSH and AAA features in the Cisco Device


ITKE-AS1(config)#ip domain-name

ITKE-AS1(config)#crypto key generate rsa general-keys modulus 512

The name for the keys will be:


% The key modulus size is 512 bits

% Generating 512 bit RSA keys, keys will be non-exportable…[OK]



ITKE-AS1(config)#aaa new-model

ITKE-AS1(config)#aaa authentication login default local

ITKE-AS1(config)#aaa authentication exec default local


Step 2) In order to use the SCP feature to manage configuration we must have at least once user account with enough privilege to access it


ITKE-AS1(config)#username itke privilege 15 password secret itkeleads


Step 3) Now you are ready to enable the SCP server on:

ITKE-AS1(config)#ip scp server enable



Just by following these 3 simple steps we can enable Secure Copy (SCP) in a Cisco router or a Switch. For any further clarifications you can always have a close look at Cisco’s document on Secure Copy (SCP). 

1  Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.
  • hasimali

    Should be 

    TKE-AS1(config)#aaa authorization exec default local

    10 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: