Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
43503
Views
12
Helpful
5
Replies

Copying files to or from ISE with SCP.

Go to solution
Alex White-Robinson
Level 1
Level 1

‎04-18-2016 07:35 PM - edited ‎03-10-2019 11:41 PM

As per title - I'm having difficulty copying files to ISE's disk using SCP, any permutation of the syntax described in table 2-1 of http://www.cisco.com/c/en/us/td/docs/security/ise/1-4/cli_ref_guide/b_ise_CLIReferenceGuide_14/b_ise_CLIReferenceGuide_14_chapter_010.html just gives me an 'invalid url' error.

Has anyone managed this successfully?

Example:

copy scp:username:password@10.10.10.10/network/ise-patchbundle-1.3.0.876-Patch6-167221.x86_64.tar.gz disk:/

% Error: invalid url

It is probably the scp: URL, because 'copy running-config disk:/' works.

Edit: I gave up and used FTP. SCP appears to never work.

4 people had this problem
Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
Rao29
Level 1
Level 1

‎02-14-2019 11:34 AM

It's working for me. 

 

*First check and confirm that the repository is available from the ISE Node. "Show repository name"

 

*You probably not using the correct directory > "copy sftp:// Server IP address followed by /home/user... "

 

*confirm the exact path to the file by either SSH to your SFTP server or from the web admin console "/administration/administration_system/administration_system_backup/repository"

 

"copy sftp://192.x.x.x/home/username/ise-upgradebundle-2.0.x-2.3.x-to-2.4.0.357.SPA.x86_64.tar.gz disk:/ "

 

*Prompts you for the username and password.

 

*Unfortunately, you don't see any progress bar once the copying starts but, you can open another ssh session and type DIR to check if the file is present and the disk is increasing.

Directory of disk:/

4096 08:03:41 corefiles/
9437227296  13:08:46 ise-upgradebundle-2.0.x-2.3.x-to-2.4.0.357.SPA.x86_64.tar.gz

View solution in original post

5 Replies 5

Go to solution
nspasov
Cisco Employee
Cisco Employee

‎04-20-2016 04:19 PM

From the looks of it, ISE is not happy about the URL which appears to be in the correct format:

scp:[[[//username [:password]@]location]/directory]/filename

- What type is your SCP server that you are trying to copy to?

- Have you confirmed that the user is mapped to the proper directory?

- Have you tried to just use the root directory and see if that works?

Thank you for rating helpful posts!

0 Helpful

Go to solution
Rao29
Level 1
Level 1

‎02-14-2019 11:34 AM

It's working for me. 

 

*First check and confirm that the repository is available from the ISE Node. "Show repository name"

 

*You probably not using the correct directory > "copy sftp:// Server IP address followed by /home/user... "

 

*confirm the exact path to the file by either SSH to your SFTP server or from the web admin console "/administration/administration_system/administration_system_backup/repository"

 

"copy sftp://192.x.x.x/home/username/ise-upgradebundle-2.0.x-2.3.x-to-2.4.0.357.SPA.x86_64.tar.gz disk:/ "

 

*Prompts you for the username and password.

 

*Unfortunately, you don't see any progress bar once the copying starts but, you can open another ssh session and type DIR to check if the file is present and the disk is increasing.

Directory of disk:/

4096 08:03:41 corefiles/
9437227296  13:08:46 ise-upgradebundle-2.0.x-2.3.x-to-2.4.0.357.SPA.x86_64.tar.gz

Go to solution
hslai
Cisco Employee
Cisco Employee
In response to Rao29

‎02-15-2019 07:30 PM

Rao.Lutchia@barobinson.com is correct.

SCP is not currently supported. See CSCvh78921

0 Helpful

Go to solution
leejasper
Level 1
Level 1
In response to Rao29

‎08-26-2024 07:21 AM

What username and password is it looking for? That of the FTP server or the local admin of the ISE node

0 Helpful

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎02-15-2019 06:00 AM

Use this link to setup remote sftp linux repo:

https://www.howtoforge.com/tutorial/how-to-setup-an-sftp-server-on-centos/

 

Don't forget to add the key to ISE:

ise/admin# configure terminal
ise/admin(config)# repository myrepository
ise/admin(config-Repository)# url sftp://ise
ise/admin(config-Repository)# host-key host ise

 

On your server you may see the following errors:

sshd[18546]: fatal: bad ownership or modes for chroot directory "/data/ise" [postauth]

sshd[18351]: fatal: no matching cipher found: client aes256-cbc,aes128-cbc,aes128-gcm@openssh.com,aes256-gcm@openssh.com server aes128-ctr,aes192-ctr,aes256-ctr [preauth]

 

Double check ownership on your directories you are writing to or pulling from. Also, if you need to tweak ciphers modify your sshd_config.

 

Or if you want to use ftp you can do so this way (process should be similar even if attempting to use SCP):

make sure you create local repo
#conf t
#repository REPO
##url disk:

 

copy ftp://XXXXX/FILENAME disk:/

delete FILE disk:/

 

HTH!

0 Helpful
Customers Also Viewed These Support Documents