Connecting the world…

hpe

HPE switch and SSH filetransfer

Upgrading firmware on switches, routers and/or firewalls is a common task for network administrators. Normally I am used to downloading the new firmware from the console of the switch. I normally download the software from a (T)FTP server. While configuring a bunch of HPE 2930F switches for SSH access I noticed that I had the option to configure “ip ssh filetransfer”.

I was curious what I would be able to do with this command and I figured out that it is useful for uploading new firmware to the switch. With the command I am able to upload software from a session on my laptop to the switch. I tested this in my home network with a firmware upgrade of my own HPE 2930F switches.

At first I enabled the “ip ssh filetransfer” option. Ofcourse you need to configure the regular SSH access to the switch, but I guess everybody enables SSH and disables Telnet by default!!!

2930F-01(config)# ip ssh
filetransfer Enable/disable secure file transfer capability.

I downloaded the new software image to my laptop and copy the software via SCP to the switch as primary flash image.

MacBook:Downloads rjn$ scp WC_16_05_0003.swi admin@10.10.1.3:/os/primary

The software is copied directly to the switch. You can check this on the switch:

2930F-01# show flash
Image Size (bytes) Date Version
—————– ———— ——– ————–
Primary Image : 28793113 12/08/17 WC.16.05.0003
Secondary Image : 20530856 10/26/16 WC.16.02.0014

You can also copy the file as secondary flash image and change the boot image via:

2930F-01(config)# boot system flash secondary

To activate the new software, just reload the switch. And don’t forget to get a backup of the configuration first.