
Switch archive SSH issue

stewartk
Level 1

Hello,

Looking for some help with the archive command to backup switch configs using SSH.

Configuration used -

archive
 path scp://user:password@server//path/h$
 write-memory
ip ssh source-interface GigabitEthernet1/0/1 (trunk port on switch)

Whenever I try to write the configuration, I receive "authentication failed".

The configuration works successfully on routers and C9300 switches so I know it is not an issue with the account or file path.

I am having problems with SCP (or SFTP) on C2960L (IOS 15.2(7)E5) or C1000-2G-L (IOS 15.2(7)E7).

I can also see authentication failed logs on the SFTP server.

show archive 

:Error - Bad file number <- Most Recent

show log

SFTP write_process: sftp_write failed err 13 (only if using SFTP, no log for SCP)

If I copy manually, e.g. copy running sftp:, this works.

Any suggestions would be much appreciated.

Stewart

Accepted Solutions

stewartk
Level 1

So it turns out the issue was because the randomly generated password had the % special character in it, and this is what has been causing authentication to fail. Routers support it but certain models of switches (or IOS versions) do not.

5 Replies

balaji.bandi
Hall of Fame

 path scp://user:password@server//path/h$   <<- instead of h$ (try putting file name myconfig.cfg and see if that works).

Cat 9300 is the latest IOS XE, compared to IOS.

Also check the command syntax supported:

https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960x/software/15-0_2_EX/file_management/file_management/cfg_files.html#wp1055643

BB


Thanks for the suggestion, which I tried, but unfortunately it did not resolve the issue.

Having looked a bit deeper, I think it might be to do with the MAC and/or KEX algorithms the switches are using and may not be supported / configured on the SFTP server. 

Routers have a lot more algorithms available.

Sure, show ssh and the ciphers can show you; you can also see what message you are getting on the SFTP or SCP server.

Try manually first; if that works, you know where to go from there.

BB


stewartk
Level 1

There is also a shorter character limit for switches compared to routers.
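
An added example, not part of any post in this thread: a pre-flight check for a password that will be embedded in an scp://user:password@server archive path, covering both the % problem and the length limit described above. Python's URL parser stands in for the device's parser, and MAX_LEN, the user "backup", the host 192.0.2.10 and the path are assumptions; the thread gives no number for the switch length limit.

```python
import math
import secrets
import string
from urllib.parse import unquote, urlsplit

# RFC 3986 "unreserved" characters: no special meaning anywhere in a URL.
URL_SAFE = string.ascii_letters + string.digits + "-._~"


def round_trips(password, host="192.0.2.10"):
    """True if a percent-decoding URL parser recovers the same password."""
    # User name, host and path are constructed placeholders.
    parts = urlsplit(f"scp://backup:{password}@{host}//configs/sw1")
    return parts.hostname == host and unquote(parts.password or "") == password


def check_password(password, max_len):
    """Return reasons the password may break an scp:// archive path."""
    problems = []
    unsafe = sorted(set(password) - set(URL_SAFE))
    if unsafe:
        problems.append("not URL-unreserved: " + " ".join(map(repr, unsafe)))
    if not round_trips(password):
        problems.append("changes when parsed back out of the URL")
    if len(password) > max_len:
        problems.append(f"length {len(password)} > limit {max_len}")
    return problems


def generate_password(length):
    """Random password drawn only from URL-unreserved characters."""
    return "".join(secrets.choice(URL_SAFE) for _ in range(length))


def entropy_bits(length):
    """Entropy of a uniformly random URL_SAFE password of this length."""
    return length * math.log2(len(URL_SAFE))


if __name__ == "__main__":
    MAX_LEN = 24  # assumed limit; the thread gives no number
    samples = ["Xk%419vQ2pLm", "pa/ss", "a-b_c.d~E7", generate_password(MAX_LEN)]
    for pw in samples:  # constructed sample passwords
        print(repr(pw), check_password(pw, MAX_LEN) or "ok")
    print(f"{MAX_LEN} safe chars = {entropy_bits(MAX_LEN):.0f} bits")
```

Restricting the alphabet lowers entropy per character, so entropy_bits shows what a given length still provides once the platform limit is known.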
