CUE doesn't make backup to sftp server

pavelsh_ucs · ‎11-01-2012

Hi,

I'm trying to set backup for some cue.

It's cue 8.6.4 on ISM-SRE-300-K9.

I've made some test sftp server based on FreeBSD.

I tested how it works from FreeBSD console and by winscp.

It works fine

mgmt-u# sftp sftp@10.0.0.5

Password:

Connected to 10.0.0.5.

sftp> ls

sftp> exit

Then configured it on cue

cue(config)# backup server url sftp://10.0.0.5/usr/home/sftp/cue/cue username sftp password secret_here

Then pull ssl keys

cue(config)# backup server authenticate

The fingerprint of host 10.0.0.5 (key type ssh-rsa) is:

bf:50:87:1c:eb:6c:1a:b3:69:f5:fd:1f:00:f6:ee:7a

Do you want to accept it? [confirm]y

Then tried to make backup I got Error.

When I check sftp server I see the error:

error: PAM: authentication error for sftp from 10.81.2.2

When I check trace on cue. I see

2724 11/02 03:31:04.919 BackupRestore BackupRestore "out ServerConfigSysdbcommit"

2723 11/02 03:31:24.830 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: Backupsysdbnode get

2723 11/02 03:31:24.830 BackupRestore BackupRestore -1 BackupRestore: done Backupsysdbnode get, val:

2722 11/02 03:31:24.831 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: Backupsysdbnode get

2722 11/02 03:31:24.831 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: done Backupsysdbnode get, val:

2724 11/02 03:31:24.831 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: Backupsysdbnode get

2724 11/02 03:31:24.831 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: done Backupsysdbnode get, val:

2722 11/02 03:31:26.662 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerConfigured

2722 11/02 03:31:26.663 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerConfigured, url:sftp://10.0.0.5/cue/cue user:sftp password:****

2722 11/02 03:31:26.663 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" ServerConfig: getServer (sftp://10.0.0.5/cue/cue,sftp,***)

2722 11/02 03:31:26.663 BackupRestore BackupRestore "in ServerConfig"

2722 11/02 03:31:26.663 BackupRestore BackupRestore "out ServerConfig"

2722 11/02 03:31:26.663 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" out isServerConfigured, backup server configured

2722 11/02 03:31:26.663 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable

2722 11/02 03:31:26.664 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable, url:sftp://10.0.0.5/cue/cue user:sftp password:****

2722 11/02 03:31:26.664 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" ServerConfig: getServer (sftp://10.0.0.5/cue/cue,sftp,***)

2722 11/02 03:31:26.664 BackupRestore BackupRestore "in ServerConfig"

2722 11/02 03:31:26.664 BackupRestore BackupRestore "out ServerConfig"

2722 11/02 03:31:26.664 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" SFTPServerConfig: in initContext

2722 11/02 03:31:26.676 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" doSFTPCommand: pwd

2722 11/02 03:31:30.557 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" sftp: Permission denied.

2722 11/02 03:31:30.557 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" Couldn't read packet: Connection reset by peer

2722 11/02 03:31:30.558 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" doSFTPCommand: bye

2722 11/02 03:31:30.559 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable, Unable to reach backup server

2722 11/02 03:31:30.559 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" history sysdbprovider: backup server unreachable

2724 11/02 03:31:30.565 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: Backupsysdbnode get

2724 11/02 03:31:30.565 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: done Backupsysdbnode get, val:

2725 11/02 03:31:30.566 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: Backupsysdbnode get

2725 11/02 03:31:30.566 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: done Backupsysdbnode get, val:

Is it bug?

Thanks

rajmokri · ‎11-01-2012

Backup & restore works fine on 8.6.4 using SFTP. From your CUE traces, I see the permission denied by the server.

2722 11/02 03:31:30.557 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" sftp: Permission denied

Can you please confirm if the password is configured correct and the server is not denying the request from the CUE?

pavelsh_ucs · ‎11-09-2012

I'm pretty sure about correct passwords.

I've just changed password. Then checked this password by my sftp client - works fine.

Then with sftp console utility - works fine

mgmt-u# passwd sftp

Changing local password for sftp

New Password:

Retype New Password:

mgmt-u# sftp sftp@10.0.0.5

Password:

Connected to 10.0.0.5.

sftp> quit

mgmt-u#

Then change sftp password in cue configuration, then backup server authen

Then next try and I got

cue-japan# show trace

MODULE ENTITY SETTING

BackupRestore BackupRestore 0000001f

LOG NAME STATUS

atrace.log disabled

cue-japan# show trace buffer tail

Press to exit...

2645 11/10 08:22:33.571 LIC DBG 0 DBG: :Process(3068349328) :VLSsetTraceLevel, Line : 84

( 1 )

2707 11/10 08:23:38.253 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerConfigured

2707 11/10 08:23:38.254 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerConfigured, url:sftp://10.0.0.5/usr/home/sftp/ user:sftp password:****

2707 11/10 08:23:38.254 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" ServerConfig: getServer (sftp://10.0.0.5/usr/home/sftp/,sftp,***)

2707 11/10 08:23:38.254 BackupRestore BackupRestore "in ServerConfig"

2707 11/10 08:23:38.254 BackupRestore BackupRestore "out ServerConfig"

2707 11/10 08:23:38.254 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" out isServerConfigured, backup server configured

2707 11/10 08:23:38.254 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable

2707 11/10 08:23:38.256 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable, url:sftp://10.0.0.5/usr/home/sftp/ user:sftp password:****

2707 11/10 08:23:38.256 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" ServerConfig: getServer (sftp://10.0.0.5/usr/home/sftp/,sftp,***)

2707 11/10 08:23:38.256 BackupRestore BackupRestore "in ServerConfig"

2707 11/10 08:23:38.256 BackupRestore BackupRestore "out ServerConfig"

2707 11/10 08:23:38.256 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" SFTPServerConfig: in initContext

2707 11/10 08:23:38.274 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" doSFTPCommand: pwd

2707 11/10 08:23:42.173 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" sftp: Permission denied.

2707 11/10 08:23:42.173 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" Couldn't read packet: Connection reset by peer

2707 11/10 08:23:42.173 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" doSFTPCommand: bye

2707 11/10 08:23:42.175 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable, Unable to reach backup server

2707 11/10 08:23:42.175 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" history sysdbprovider: backup server unreachable

2703 11/10 08:23:42.182 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: Backupsysdbnode get

2703 11/10 08:23:42.182 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: done Backupsysdbnode get, val:

2704 11/10 08:23:42.183 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: Backupsysdbnode get

2704 11/10 08:23:42.183 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: done Backupsysdbnode get, val:

2706 11/10 08:23:51.376 BackupRestore BackupRestore "in BackupNodeSysdbcheck"

2706 11/10 08:23:51.376 BackupRestore BackupRestore "out BackupNodeSysdbcheck OK"

2703 11/10 08:23:51.377 BackupRestore BackupRestore "in BackupNodeSysdbcommit"

2703 11/10 08:23:51.377 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" backupnodesysdbprovider: COMMIT category_list: Configuration Data HistoricalData:0

2703 11/10 08:23:51.377 BackupRestore BackupRestore "out BackupNodeSysdbcommit"

2704 11/10 08:23:51.377 BackupRestore BackupRestore "in BackupNodeSysdbcheck"

2704 11/10 08:23:51.377 BackupRestore BackupRestore "out BackupNodeSysdbcheck OK"

2707 11/10 08:23:51.377 BackupRestore BackupRestore "in BackupNodeSysdbcommit"

2707 11/10 08:23:51.377 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" backupnodesysdbprovider: COMMIT description:

2707 11/10 08:23:51.377 BackupRestore BackupRestore "out BackupNodeSysdbcommit"

2703 11/10 08:23:51.378 BackupRestore BackupRestore "in BackupNodeSysdbcheck"

2703 11/10 08:23:51.378 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" enter issystem rebooting

2703 11/10 08:23:51.378 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" leave issystem rebooting

2703 11/10 08:23:51.378 BackupRestore BackupRestore "in isSystemOffline"

2703 11/10 08:23:51.379 BackupRestore BackupRestore "out isSystemOffline"

2703 11/10 08:23:51.379 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable

2703 11/10 08:23:51.380 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable, url:sftp://10.0.0.5/usr/home/sftp/ user:sftp password:****

2703 11/10 08:23:51.380 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" ServerConfig: getServer (sftp://10.0.0.5/usr/home/sftp/,sftp,***)

2703 11/10 08:23:51.380 BackupRestore BackupRestore "in ServerConfig"

2703 11/10 08:23:51.380 BackupRestore BackupRestore "out ServerConfig"

2703 11/10 08:23:51.380 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" SFTPServerConfig: in initContext

2703 11/10 08:23:51.387 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" doSFTPCommand: pwd

2703 11/10 08:23:55.310 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" sftp: Permission denied.

2703 11/10 08:23:55.310 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" Couldn't read packet: Connection reset by peer

2703 11/10 08:23:55.311 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" doSFTPCommand: bye

2703 11/10 08:23:55.312 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" in isServerReachable, Unable to reach backup server

2703 11/10 08:23:55.312 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" backup sysdbprovider: backup server unreachable

2707 11/10 08:23:55.321 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: Backupsysdbnode get

2707 11/10 08:23:55.321 BackupRestore BackupRestore "in SysdbConfigInterfaceImpl" BackupRestore: done Backupsysdbnode get, val:

Also checked sftp backup for cue 7.0.5, 7.0.6 (nm-cue, nme-cue). When I do backup server authen I get "

cue-swiss(config)# backup server authenticate
read error from ssh client

So it looks like sftp backup doesn't work at all.

rajmokri · ‎11-16-2012

I personally tested it on an ISM module running version 8.6.4. I could successfully take a backup and restore the same using SFTP, so I can say for sure that SFTP backup works fine. Make sure that there is no firewall blocking the access.

pavelsh_ucs · ‎11-16-2012

Hi Rajmohan,

What sftp server and server version are you using?

Thanks

rajmokri · ‎11-18-2012

OpenSSH_3.5p1 on redhat.

SuccessfulChap123 · ‎02-03-2014

This just happened to me.

I have an STFP Server, which I reinstalled for whatever reasons and then the backup stopped working. The SFTP Server showed that the connection closed by the peer.

2014.02.03 08:59:04 -  Connection closed by [10.X.X.X [preauth]

It just occured to me that during the reinstallation of the SFTP client that the SSH keys for the server must of been recreated. I typed in "backup server authenticate" within the CUE CLI and I was prompted to accept the keys from my SFTP server. Now I have a working backup!!

I know this is an old post, just thought it might be helpful for someone out there as this posted helped me realise it was a problem with my SSH keys.