Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12879
Views
45
Helpful
29
Replies

CUCM sftp backup to linux fail

Chi Fai Leung
Level 1
Level 1

‎01-07-2016 04:01 AM - edited ‎03-19-2019 10:33 AM

Hi,

I'm following the guide: http://cdesigner.eu/content/14-cucm-8-free-sftp-solution-backup-ubuntu-1004-server
To install the ubuntu 15 as OpenSSH SFTP backup, but it got the fail on it

Error: Unableto access SFTP server. Please ensure the username and password are correct.

I followed all steps as same:

1) Create group for sftp access (optional) for further platform hardening - sudo groupadd sftpuser

2) Create user account for backup sudo adduser cucm_8 sftpuser and make password during user creation dialog

3) Change ownership of home directory sudo chown root.root /home/cucm_8

4) Alter permission for read and write to home directory of backup user sudo chmod 777 /home/cucm_8

5) Install open-ssh server  sudo apt-get install openssh-server

6) Test connectivity to sftp account from FileZilla client (or your preferred supporting secure mode) - transfer and delete file!!!

1 person had this problem
Labels:
0 Helpful
29 Replies 29

Chi Fai Leung
Level 1
Level 1
In response to Carlo Poggiarelli

‎01-07-2016 10:12 AM

System version: 10.5.2.10000-5

0 Helpful

Carlo Poggiarelli
VIP
VIP
In response to Chi Fai Leung

‎01-07-2016 10:59 AM

Hi.

Please on your linux server give chmod -R 777 home/cucmbackup/

Try again and let me know

Thanks

Carlo

Please rate all helpful posts "The more you help the more you learn"
0 Helpful

Chi Fai Leung
Level 1
Level 1
In response to Carlo Poggiarelli

‎01-07-2016 08:29 PM

was 777 already... but same error

0 Helpful

Carlo Poggiarelli
VIP
VIP
In response to Chi Fai Leung

‎01-07-2016 10:11 PM

Hi,

now I think we have an issue in cipher algorithm configured on linux server and the one supported by CUCM.

Please refer to the following post and check your sshd config.

https://supportforums.cisco.com/discussion/12407216/cucm-backup-openssh

Also try again the command we previously suggested to transfer files from CUCM through cli and check auth logs on linux server.

Please let let us know 

Regards

Carlo

Please rate all helpful posts "The more you help the more you learn"
0 Helpful

Chi Fai Leung
Level 1
Level 1
In response to Carlo Poggiarelli

‎01-07-2016 09:51 AM

Unfortunately, I changed the Linux server as the same subnet of CUCM and it got the same error. Is it the wrong settings on Linux SFTP server?

 

0 Helpful

Aman Soi
VIP Alumni
VIP Alumni
In response to Chi Fai Leung

‎01-07-2016 05:55 AM

try command

file list tftp *

or to be more specific

file list tftp Ringlist.xml

for downloading file

file get tftp Ringlist.xml

regds,

aman

it
Level 1
Level 1
In response to Carlo Poggiarelli

‎01-20-2017 04:24 AM

Hello, same scenario here. I am trying to backup my cucm to a NAS device (synology) and i cannot

my cucm and nas are on different networks but the firewall lets communication. from cucm i can ping nas

I have a synology DS216j as backup.

Preview file
50 KB
Preview file
16 KB
0 Helpful

Mark Fisher
Level 1
Level 1
In response to it

‎01-20-2017 05:52 AM

See my original reply above. The latest synology software has an updated ssh that would cause this problem. You may need to contact synology on how to change the key exchange algorithms if you can't just ssh into it and edit the file.

0 Helpful

it
Level 1
Level 1
In response to Mark Fisher

‎01-20-2017 06:59 AM

my synology version is DSM 6.0.2-8451 Update 2

how do i check this thing you are mentioning?

0 Helpful

Mark Fisher
Level 1
Level 1

‎10-04-2016 12:02 PM

Not sure if you ever figured this out but I had the same problem after updating linux. OpenSSH removed a bunch of insecure ciphers which are still used by a good bit of Cisco stuff. With CCUM 10.0 I had to turn those ciphers back on. In my testing the below works.

Edit /etc/ssh/sshd_config and add:

Ciphers +aes128-cbc

KexAlgorithms +diffie-hellman-group1-sha1

Jared Radcliffe
Level 1
Level 1
In response to Mark Fisher

‎11-11-2016 12:39 PM 

Edit /etc/ssh/sshd_config and add:
Ciphers +aes128-cbc
KexAlgorithms +diffie-hellman-group1-sha1

Same scenario, this was the fix for me.

Thanks!

UrbanPeasant
Level 1
Level 1
In response to Jared Radcliffe

‎01-19-2018 06:25 AM

Happened to me after upgrading from 14.04LTS Ubuntu to 16.04LTS.
Had to change the network config to work with ens32 and systemd-networkd:
http://xmodulo.com/switch-from-networkmanager-to-systemd-networkd.html
Had to enable ssh in the iptables - sudo ufw allow ssh
And and finally the above commands here after verifying that I could access the SFTP server with the CUCM credentials via WinSCP, and logging directly into the SFTP server with the CUCM credentials.
0 Helpful

gusaguillon
Level 1
Level 1
In response to Mark Fisher

‎02-03-2021 04:08 PM

Gracias Mark Fisher.

Esto funcionó para mi.
Tengo un CUCM 11.5 y un SFTP SERVER basado el linux Ubuntu 20.04.
Logré configurar el backup device y  un schelude colletion hacia el servidor SFTP.

fragajah
Level 1
Level 1

‎11-14-2017 10:46 PM

add this line in to /etc/ssh/sshd_config
Ciphers aes128-cbc,3des-cbc,blowfish-cbc

save and restart service sshd
0 Helpful

Elliot Dierksen
VIP
VIP
In response to fragajah

‎02-11-2021 12:42 PM

That could break SSH connections that are dependent on other ciphers. Here is the config snippet I use in sshd_config to allow a server to be an SFTP server for DRS.

KexAlgorithms +diffie-hellman-group1-sha1
KexAlgorithms +diffie-hellman-group-exchange-sha1

Ciphers +aes128-cbc
Ciphers +3des-cbc
Customers Also Viewed These Support Documents