That is correct, the host - Page 2

ROBERTO GIANA · ‎07-22-2011

Hi

After we have installed patch 5 on several ACS 5.2 server they aren't able anymore to write their backups to the sftp servers. I tried to search on the bug tool kit, but it seems to be broken when searching for the keyword "sftp". It's the same when I try to do a "copy logs" with sftp as destination.

running a debug I can see:

acs/admin# copy logs sftp://10.1.115.11/

Collecting logs...

Username: backupuser

Password:

6 [16376]: transfer: cars_xfer.c[301] [admin]: sftp copy out of /var/tmp/ADElogs.tar.gz requested

6 [16376]: transfer: cars_xfer_util.c[412] [admin]: resolved server to 10.1.115.11

7 [16383]: transfer: sftp_copy.c[75] [daemon]: Executing SFTP command: /usr/bin/scp -o StrictHostKeyChecking=no /var/tmp/ADElogs.tar.gz backupuser@10.1.115.11://ADElogs.tar.gz

% Error: Transfer failed

3 [16376]: transfer: sftp_copy.c[230] [admin]: sftp_copy ERROR: command execution failed

3 [16376]: copy: cm_copy.c[1226] [admin]: Logs archive transfer to url sftp://10.1.115.11/ failed retcode=-306

acs/admin#

Is anybody else seeing this problem?

alicato43 · ‎01-04-2012

hi all,

upgrade to 5-3-0-40-1, and still having backup issues,

error message,

% Creating backup with timestamped filename: acs2-120105-0956.tar.gpg

% ERROR : Backup failed due to one of the following reasons

1. host-key option is not configured

2. host key is removed because of re-image

3. host key is removed from some other repository having same ip/hostname

% Please reconfigure the host-key option

% SSH connect error

% Creating backup with timestamped filename: acs2-120105-0956.tar.gpg
% ERROR : Backup failed due to one of the following reasons
1. host-key option is not configured
2. host key is removed because of re-image
3. host key is removed from some other repository having same ip/hostname
% Please reconfigure the host-key option
% SSH connect error

no info in google please advise

thanks

camejia · ‎01-04-2012

Hello,

I am assuming that you upgraded your ACS to 5.3 Patch 1 based on the known issue:

CSCtn78315

Backing up data failed while using SFTP if it was not transferred within 60 seconds. This problem is resolved now.

However, we might run into the same issue if the server you are copying the backup does not support SCP.

If you execute the "show repository " do you get the listing output of the files that exist on server? If yes we need to verify that the SFTP server supports SCP as well.

If the "show repository " successfully retrieves the files listing but you are not able to backup your ACS configuration to the same server a possible reason is that the SFTP server does not support or does not have SCP enabled on it.

ACS 5.x uses SFTP to "READ" the server folder but uses SCP to "copy/write" files to it.

Hope this helps.

Regards.

alicato43 · ‎01-04-2012

hi

ssh to host via console and all working

thanks

sanjayk_gupta · ‎09-06-2012

pls check...if it can help to get the sollution...

ACS5.2/admin# copy logs disk:/ACS5.2

Collecting logs...
6 [22514]: transfer: cars_xfer.c[293] [admin]: local copy out of /var/tmp/ADElogs.tar.gz requested
7 [22514]: transfer: cars_xfer_util.c[959] [admin]: copying /var/tmp/ADElogs.tar.gz to /localdisk/ACS5.2

ACS5.2/admin# copy logs sftp://10.13.1.30
Collecting logs...
Username: username

Password:
6 [22523]: transfer: cars_xfer.c[301] [admin]: sftp copy out of /var/tmp/ADElogs.tar.gz requested
6 [22523]: transfer: cars_xfer_util.c[412] [admin]: resolved server to 10.x.x.x

7 [22532]: transfer: sftp_copy.c[75] [daemon]: Executing SFTP command: /usr/bin/scp -o StrictHostKeyChecking=no /var/tmp/ADElogs.tar.gz User@10.x.x.x://ADElogs.tar.gz
3 [22523]: transfer: sftp_copy.c[230] [admin]: sftp_copy ERROR: command execution failed
% Error: Transfer failed
3 [22523]: copy: cm_copy.c[1226] [admin]: Logs archive transfer to url sftp://10.x.x.x failed retcode=-306
ACS5.2/admin# ssh 10.x.x.x username
User@10.x.x.x's password:
Last login: Thu Sep 6 12:24:40 2012 from ACS5.2

User@Bcld170bm2 ~
$ /usr/bin/scp -o StrictHostKeyChecking=no /var/tmp/ADElogs.tar.gz User@10.x.x.x:/10.x.x.x
User@10.x.x.x's password:
ADElogs.tar.gz 100% 0 0.0KB/s 00:00

User@SFTPServer ~

sanjayk_gupta · ‎09-06-2012

Problem is still same. even manualy, I am not able to send the backup file to the sftp server.

ACS5.2/admin# copy disk:running-config sftp://x.x.x.x/
Username: username

Password:
6 [28826]: transfer: cars_xfer.c[301] [admin]: sftp copy out of /localdisk/running-config requested
6 [28826]: transfer: cars_xfer_util.c[412] [admin]: resolved server to 10.x.x.x

7 [28832]: transfer: sftp_copy.c[75] [daemon]: Executing SFTP command: /usr/bin/scp -o StrictHostKeyChecking=no /localdisk/running-config User@10.x.x.x://running-config
% Error: Transfer failed
3 [28826]: transfer: sftp_copy.c[230] [admin]: sftp_copy ERROR: command execution failed
ACS5.2/admin# 3 [28826]: copy: cm_copy.c[640] [admin]: localfile disk:running-config transfer to url sftp://10.x.x.x/ failed retcode=-306

Roya Hatamleh · ‎10-11-2012

Hi,

Let me share my experience on this before.

I have faced this before, and the workaround was to access the ACS DB with root patch.... So, install the root patch on ACS server, access with root credentials , then try the sftp command ... It should work like a charm.

Poliberte · ‎03-27-2013

I was having the same issue using verion 5.3 I was able to fix the issue with host-key sync command. Hope this helps everyone else with their issue.

(config)# repository SFTP

(config-Repository)# host-key sync

pvzcisco07 · ‎10-29-2013

Thanks Heaps Poliberte! Your suggestion fixed the issue.

jzangmeister · ‎03-10-2016

Poliberte, this fixed my issue too. My issue was monitoring backups from the secondary server were failing to send to the SFTP server. Initially I didn't think it would fix my issue because backups from my primary ACS server were working to the same SFTP server. I had already done the host-key sync on the primary ACS server and I thought the host key would sync to the secondary ACS server. The host-key must not sync to the secondary server because after I ran host-sync on the secondary server, monitoring backups began to work.

Javier Henderson · ‎03-10-2016

That is correct, the host keys do not replicate along with the ACS configuration data.

Javier Henderson

Cisco Systems

blenka · ‎11-05-2013

https://supportforums.cisco.com/thread/2243416

http://www.cisco.com/en/US/products/ps9911/products_tech_note09186a0080bb8100.shtml#sol12

Problem: SFTP backup is not working when using Cisco Works as the SFTP server

When the network resource is on the CiscoWorks server, the backup scheduler works fine with other SFTP clients, but not ACS 5.2. Specifically, when trying to connect to the SFTP server from the ACS, the Unable to negotiate a key exchange method error message is received.

Solution

In this case, the SFTP server is not a FIPS compliant device using the DH 14 group. ACS only supports servers with DH 14 support as it is FIPS compliant. For more information about this issue, refer to Known Limitations in ACS 5.2.

Pranav Gade · ‎04-26-2015

Hi Team,

I am facing the same issue in Cisco acs 5.3.40 wherein I have configured TFTP repository which is also not reflecting in ACS and giving error tftp protocol not supported.

Error - % Error: Failed to perform ACS restore: SSH connect error

request your help on the same ... Thanks in advance

Michael Jiang · ‎11-30-2015

I have the same issue with ACS release 5.3.0.40.9. , I couldn't make any backup via SFTP.

The solution is to enable SCP on the SFTP server, then it works.

ACS 5.2 fails to send files to sftp server after installing patch 5