07-22-2011 04:15 AM - edited 03-10-2019 06:14 PM
Hi
After we have installed patch 5 on several ACS 5.2 server they aren't able anymore to write their backups to the sftp servers. I tried to search on the bug tool kit, but it seems to be broken when searching for the keyword "sftp". It's the same when I try to do a "copy logs" with sftp as destination.
running a debug I can see:
acs/admin# copy logs sftp://10.1.115.11/
Collecting logs...
Username: backupuser
Password:
6 [16376]: transfer: cars_xfer.c[301] [admin]: sftp copy out of /var/tmp/ADElogs.tar.gz requested
6 [16376]: transfer: cars_xfer_util.c[412] [admin]: resolved server to 10.1.115.11
7 [16383]: transfer: sftp_copy.c[75] [daemon]: Executing SFTP command: /usr/bin/scp -o StrictHostKeyChecking=no /var/tmp/ADElogs.tar.gz backupuser@10.1.115.11://ADElogs.tar.gz
% Error: Transfer failed
3 [16376]: transfer: sftp_copy.c[230] [admin]: sftp_copy ERROR: command execution failed
3 [16376]: copy: cm_copy.c[1226] [admin]: Logs archive transfer to url sftp://10.1.115.11/ failed retcode=-306
acs/admin#
Is anybody else seeing this problem?
01-04-2012 03:02 PM
hi all,
upgrade to 5-3-0-40-1, and still having backup issues,
error message,
% Creating backup with timestamped filename: acs2-120105-0956.tar.gpg
% ERROR : Backup failed due to one of the following reasons
1. host-key option is not configured
2. host key is removed because of re-image
3. host key is removed from some other repository having same ip/hostname
% Please reconfigure the host-key option
% SSH connect error
% Creating backup with timestamped filename: acs2-120105-0956.tar.gpg
% ERROR : Backup failed due to one of the following reasons
1. host-key option is not configured
2. host key is removed because of re-image
3. host key is removed from some other repository having same ip/hostname
% Please reconfigure the host-key option
% SSH connect error
no info in google please advise
thanks
01-04-2012 03:43 PM
Hello,
I am assuming that you upgraded your ACS to 5.3 Patch 1 based on the known issue:
CSCtn78315 | Backing up data failed while using SFTP if it was not transferred within 60 seconds. This problem is resolved now. |
However, we might run into the same issue if the server you are copying the backup does not support SCP.
If you execute the "show repository
If the "show repository
ACS 5.x uses SFTP to "READ" the server folder but uses SCP to "copy/write" files to it.
Hope this helps.
Regards.
01-04-2012 03:49 PM
hi
ssh to host via console and all working
thanks
09-06-2012 12:15 AM
pls check...if it can help to get the sollution...
ACS5.2/admin# copy logs disk:/ACS5.2
Collecting logs...
6 [22514]: transfer: cars_xfer.c[293] [admin]: local copy out of /var/tmp/ADElogs.tar.gz requested
7 [22514]: transfer: cars_xfer_util.c[959] [admin]: copying /var/tmp/ADElogs.tar.gz to /localdisk/ACS5.2
ACS5.2/admin# copy logs sftp://10.13.1.30
Collecting logs...
Username: username
Password:
6 [22523]: transfer: cars_xfer.c[301] [admin]: sftp copy out of /var/tmp/ADElogs.tar.gz requested
6 [22523]: transfer: cars_xfer_util.c[412] [admin]: resolved server to 10.x.x.x
7 [22532]: transfer: sftp_copy.c[75] [daemon]: Executing SFTP command: /usr/bin/scp -o StrictHostKeyChecking=no /var/tmp/ADElogs.tar.gz User@10.x.x.x://ADElogs.tar.gz
3 [22523]: transfer: sftp_copy.c[230] [admin]: sftp_copy ERROR: command execution failed
% Error: Transfer failed
3 [22523]: copy: cm_copy.c[1226] [admin]: Logs archive transfer to url sftp://10.x.x.x failed retcode=-306
ACS5.2/admin# ssh 10.x.x.x username
User@10.x.x.x's password:
Last login: Thu Sep 6 12:24:40 2012 from ACS5.2
User@Bcld170bm2 ~
$ /usr/bin/scp -o StrictHostKeyChecking=no /var/tmp/ADElogs.tar.gz User@10.x.x.x:/10.x.x.x
User@10.x.x.x's password:
ADElogs.tar.gz 100% 0 0.0KB/s 00:00
09-06-2012 02:37 AM
Problem is still same. even manualy, I am not able to send the backup file to the sftp server.
ACS5.2/admin# copy disk:running-config sftp://x.x.x.x/
Username: username
Password:
6 [28826]: transfer: cars_xfer.c[301] [admin]: sftp copy out of /localdisk/running-config requested
6 [28826]: transfer: cars_xfer_util.c[412] [admin]: resolved server to 10.x.x.x
7 [28832]: transfer: sftp_copy.c[75] [daemon]: Executing SFTP command: /usr/bin/scp -o StrictHostKeyChecking=no /localdisk/running-config User@10.x.x.x://running-config
% Error: Transfer failed
3 [28826]: transfer: sftp_copy.c[230] [admin]: sftp_copy ERROR: command execution failed
ACS5.2/admin# 3 [28826]: copy: cm_copy.c[640] [admin]: localfile disk:running-config transfer to url sftp://10.x.x.x/ failed retcode=-306
10-11-2012 08:24 AM
Hi,
Let me share my experience on this before.
I have faced this before, and the workaround was to access the ACS DB with root patch.... So, install the root patch on ACS server, access with root credentials , then try the sftp command ... It should work like a charm.
03-27-2013 01:30 PM
I was having the same issue using verion 5.3 I was able to fix the issue with host-key sync command. Hope this helps everyone else with their issue.
(config)# repository SFTP
(config-Repository)# host-key sync
10-29-2013 04:34 PM
Thanks Heaps Poliberte! Your suggestion fixed the issue.
03-10-2016 05:18 AM
Poliberte, this fixed my issue too. My issue was monitoring backups from the secondary server were failing to send to the SFTP server. Initially I didn't think it would fix my issue because backups from my primary ACS server were working to the same SFTP server. I had already done the host-key sync on the primary ACS server and I thought the host key would sync to the secondary ACS server. The host-key must not sync to the secondary server because after I ran host-sync on the secondary server, monitoring backups began to work.
03-10-2016 06:49 AM
That is correct, the host keys do not replicate along with the ACS configuration data.
Javier Henderson
Cisco Systems
11-05-2013 02:26 PM
https://supportforums.cisco.com/thread/2243416
http://www.cisco.com/en/US/products/ps9911/products_tech_note09186a0080bb8100.shtml#sol12
Problem: SFTP backup is not working when using Cisco Works as the SFTP server
When the network resource is on the CiscoWorks server, the backup scheduler works fine with other SFTP clients, but not ACS 5.2. Specifically, when trying to connect to the SFTP server from the ACS, the Unable to negotiate a key exchange method error message is received.
Solution
In this case, the SFTP server is not a FIPS compliant device using the DH 14 group. ACS only supports servers with DH 14 support as it is FIPS compliant. For more information about this issue, refer to Known Limitations in ACS 5.2.
04-26-2015 05:31 AM
Hi Team,
I am facing the same issue in Cisco acs 5.3.40 wherein I have configured TFTP repository which is also not reflecting in ACS and giving error tftp protocol not supported.
Error - % Error: Failed to perform ACS restore: SSH connect error
request your help on the same ... Thanks in advance
11-30-2015 09:22 PM
I have the same issue with ACS release 5.3.0.40.9. , I couldn't make any backup via SFTP.
The solution is to enable SCP on the SFTP server, then it works.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide