1 Rookie
•
3 Posts
1
80
May 23rd, 2025 16:05
SFTP Access on S5248-ON Switch
On my S5248-ON switch, I needing to use SFTP remotely using WinSCP to update the firmware; however, I get denied access when trying to access the switch. SFTP is enabled on the switch. The switch is new. I have looked for documentation for the switch, but have not find anything about configuring access for SFTP. What needs to be configured on the switch to allow access? Thank you
No Events found!
DELL-Young E
Moderator
•
5.1K Posts
0
June 26th, 2025 02:59
Hello these are the link that help you upgrade OS10 firmware on the new switch.
https://www.dell.com/support/kbdoc/en-sg/000198774/os-upgrade-via-onie-install
Operating system Install using ONIE Install - Fresh Install
https://www.dell.com/support/kbdoc/en-my/000206589/how-to-clean-install-onie-firmware-updater-ssd-firmware-os10-on-s4100-series-switches-using-usb
How to clean install ONIE, Firmware updater, SSD firmware, and OS10 on S4100 switches | Dell Malaysia
You can upgrade the switch by TFTP or USB drive in ONIE mode. Since it is a new switch and clean installation is recommended.
Respectfully,
DELL-Chris H
Moderator
•
9.4K Posts
0
May 23rd, 2025 20:14
Kstech,
To start, if you get “Access Denied,” then I would double-check that:
The user has shell access (shell ssh).
The password is correct.
The switch is not blocking port 22 via ACLs or firewall settings.
If those are all ok, then you can try following the steps below;
1. Enable SFTP (if not already)
configure terminal
ip ssh server enable
ip ssh sftp server enable
2. Create a Local User with Shell Access
username admin password yourpassword
username admin shell ssh
The shell ssh part is critical—it allows the user to access the system shell, which is required for SFTP.
3. Verify User Home Directory
Ensure the user has a valid home directory. You can check this by logging in via SSH and running:
getent passwd admin
If needed, you can manually set the home directory in Linux shell (requires root access).
4. Test with WinSCP
Protocol: SFTP
Hostname: IP of the switch
Port: 22
Username: admin
Password: yourpassword
Give that a show and let me know if this helps.
ks1tech
1 Rookie
•
3 Posts
0
May 30th, 2025 19:56
I am not sure if SFTP is enabled on our switch. Is there a way to check that? Are the commands different for a switch that is running Dell SmartFacric OS10 Enterprise? OS version is 10.6.0.1. When I run ip ssh sftp server enable, this command does not exist as shown below.
Thank you
DELL-Chris H
Moderator
•
9.4K Posts
0
May 30th, 2025 20:15
show snmp
SNMP agent is enabled
SNMP version: v2c
Community string: public (Read Only)
Trap host:
configure terminal
snmp-server community public ro
snmp-server enable
Let me know if this helps.
DELL-Chris H
Moderator
•
9.4K Posts
0
May 30th, 2025 20:41
Sorry I thought you stated SNMP, not SFTP. The S5248F-ON switch running OS10 does not support inbound SFTP connections.
This means:
You can verify it is enabled using the
show file-transfer protocols
Is it that you are trying to connect to an SFTP server to download the firmware? If so then you should just need to use the command above to confirm SFTP is listed and it should work to download the firmware.
ks1tech
1 Rookie
•
3 Posts
0
May 30th, 2025 21:37
Thank you for the information on SFTP. I checked but the show file-transfer protocols command does not look like it is available on the switch.
To upload new Firmware to the Switch, is the only way is to use Out of Band management interface on the switch to transfer files? Is that the recommended way to update the Firmware?
Mattew Wade
1 Rookie
•
10 Posts
0
June 25th, 2025 10:32
Interesting question I’ve run into similar limitations with SFTP on certain switch models. From what I’ve seen, Dell switches like the S5248 typically support FTP or TFTP by default, but SFTP access is either limited or not supported unless explicitly enabled via firmware or additional modules.
It might be worth checking if there's a specific OS10 or OS version requirement for SFTP, or if enabling SSH automatically enables SFTP in your build. Also, double-check user permissions sometimes it's a role-based access issue rather than a protocol one.