Accessing the Firewall Filesystem with SCP

Files may be transferred to and from the firewall with scp, which is part of the functionality that comes with having ssh access enabled.

See also

• Secure Shell (SSH)

• Granting Users Access to SSH

To connect to the firewall with SCP for file transfers, use the root account with the same credentials as admin, or a user account with sufficient privileges.

Note

In most recent versions, the admin account can also be used for scp, but using root is still the best practice.

Users with shell access may transfer files, as well as users with the User - System - Copy files privilege.

Note

Users other than root can only transfer or write files for which their account has permission to read or modify.

Any SCP/SFTP-compatible program may be used to transfer files. Popular choices include scp, FileZilla, and WinSCP.

An example: Logged into a FreeBSD machine, copy a file from /tmp on a remote firewall to the current local working directory:

myuser@somebox:~/$ scp root@192.168.1.1:/tmp/lan-traffic.rrd-4h.png .

Troubleshooting

If scp is failing with the error Illegal option -t or printing a usage message, check that the connection is using the root account, as mentioned above.