It depends on the device, but the short answer is generally “by SSH using host keys, which we generate”. With Cisco devices, we SSH in and converse with the IOS command interface. We don’t TFTP rules (TFTP is insecure and we’re parental like that), and we don’t support IOS SCP (because very few IOS devices in the field seem to support it).

Last updated on September 17, 2009 by Thomas Ptacek