Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3275
Views
2
Helpful
6
Replies

How to obtain SFTP Fingerprint for CSPC Backup?

Go to solution
j.fairfax
Level 4
Level 4

‎10-18-2018 08:51 AM

We're attempting to configure our CSPC VM appliance running version 2.7 for SFTP Backups which fail. 

It would appear that don't have the correct "Fingerprint" value set since FTP backups work from the CSPC appliance and SFTP backups work via WinSCP from a PC.

 

We attempted to obtain the Backup Linux server's "Fingerprint" via the following command and tried each MD5 value.

 ssh-keygen -lf /etc/ssh/ssh_ho st_rsa_key.pub

 

Below is the CSPC Failed Job log.  (Backup server name was modified.)

 

Message
"Starting file system backup."
"CSPC Properties Configuration File loaded Successfully./opt/cisco/ss/adminshell/applications/CSPC/resources/server/backup_resource_config.properties"
"Successfully backedup resource : resources/server/backup_resource_config.properties"
"Adding CSPC Version Details."
"Adding CSPC keys"
"Adding DB Creden file."
"Adding Misc-logging.jar."
"Starting database backup."
"Database backedup successfully."
"No add-on backup data received from addon module Agent"
"Starting the backup file encryption."
"Successfully encrypted the backup file."
"Starting the backup file upload to : linuxbackup-server"
"Failed to upload the backup file to linuxbackup-server. Retrying Backup 2nd time."
"Failed to upload the backup file to linuxbackup-server"

1 person had this problem
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
antchris
Cisco Employee
Cisco Employee

‎10-31-2018 11:25 AM

Hi Joseph,

Thank you for your input and exchange via private message. For posterity, I will  make the solution visible for public community use:

 

ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key


Note: The RSA SHA 256 Fingerprint should be generated from the host SFTP server and the "User Name" & "Password" must be that of a valid host SFTP user. You can find that and how to configure the CSPC SFTP backup profile per the CSPC User Guide Appendix 17 (G) and pg. 9-11 (respectively).

Again thank you for your use of the community and verified confirmation.

Regards,
AC

View solution in original post

6 Replies 6

Go to solution
Cheri Fairbrother
Level 1
Level 1

‎10-19-2018 02:05 PM

Hi Joseph,

We are working to get an answer for you on this. An expert will reply further with details when available.

Cheers,
Cheri

0 Helpful

Go to solution
antchris
Cisco Employee
Cisco Employee

‎10-23-2018 07:49 AM

Hello Joseph,

I am in the process of trying to replicate your issue with the same given CSPC version (2.7). I will touch base with you to gather a few more details. Thanks again for your patience.

 

Regards,

AC

0 Helpful

Go to solution
antchris
Cisco Employee
Cisco Employee

‎10-31-2018 11:25 AM

Hi Joseph,

Thank you for your input and exchange via private message. For posterity, I will  make the solution visible for public community use:

 

ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key


Note: The RSA SHA 256 Fingerprint should be generated from the host SFTP server and the "User Name" & "Password" must be that of a valid host SFTP user. You can find that and how to configure the CSPC SFTP backup profile per the CSPC User Guide Appendix 17 (G) and pg. 9-11 (respectively).

Again thank you for your use of the community and verified confirmation.

Regards,
AC

Go to solution
ekman
Level 1
Level 1

‎09-24-2020 12:52 PM

Hello

I am struggling with the backup flows, and I would like to receive some clarification regarding if I have tackled this situation correctly.

 

We are running CSPC v2.8.1.8

 

As an example with what I have done:

CSPC IP: 1.1.1.1

Backup VM: 1.1.1.2

 

On the backup VM I ran this command:

ssh-keygen -l -f /etc/ssh/ssh_host_rsa_key

 

I then took the sha256 fingerprint generated from the command and the SFTP user credentials and entered these values into the CSPC backup window.

 

After awhile the GUI prompts with a failed upload message.

 

Sep 24 21:40:22 backup-vm sshd[473155]: error: Received disconnect from 1.1.1.1 port 52166:9: Host key not accepted [preauth]
Sep 24 21:40:22 backup-vm sshd[473155]: Disconnected from 1.1.1.1 port 52166 [preauth]
Sep 24 21:40:22 backup-vm sshd[473157]: error: Received disconnect from 1.1.1.1 port 52168:9: Host key not accepted [preauth]
Sep 24 21:40:22 backup-vm sshd[473157]: Disconnected from 1.1.1.1 port 52168 [preauth]

 

I have verified that my credentials are working by logging into root in the cspc and connecting to the VM using the following command:

sftp cspc@backup-vm

 

And I can also push index files to my folder called "backups" in my Chroot for my CSPC user in the Backup VM.

 

So what am I doing wrong ?

 

0 Helpful

Go to solution
RipalNaik36646
Level 1
Level 1

‎02-17-2021 03:10 PM

I am also facing the same issue. is there any solution reported by Cisco ?

0 Helpful

Go to solution
Bo Biller
Level 1
Level 1

‎01-05-2023 06:17 AM

On older versions it's MD5 that is used for fingerprint

Use : ssh-keygen -l -v -E md5 -f /etc/ssh/ssh_host_rsa_key

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents