Hello community,
Ever since I upgraded to XMC 8.2, my archive scripts that utilize SCP no longer work. I have done a few hours of debugging and determined that the upgrades to the SSH service on the XMC server are part to blame, as my Brocade switches utilize very outdated ciphers.
I added this to /etc/ssh/sshd_config (and restarted)
PubkeyAcceptedKeyTypes=+ssh-dss
KexAlgorithms=+diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
Now, I can ssh and scp from my Brocades again - but now when utilizing the archive feature from within XMC.
This is what I see when I look at a failed archive in XMC in the "Description" field (10.60.60.150 is my XMC server) ...
KCHSANSW_3:root> configupload
Protocol (scp, ftp, local) [ftp]: scp
Server Name or IP Address [host]: 10.60.60.150
User Name [user]: root
Path/Filename [/config.txt]: /root/configs/tmp/10_200_200_51/10_200_200_51.cfg
Section (all|chassis|switch [all]): all
root@10.60.60.150's password: mypassword
root@10.60.60.150's password:
Note that it seems to not like the password. If I ssh into the switch, and run these same commands and use that same password, it works fine.
KCHSANSW_3:root> configUpload
Protocol (scp, ftp, local) [ftp]: scp
Server Name or IP Address [host]: 10.60.60.150
User Name [user]: root
Path/Filename [/config.txt]: /root/configs/tmp/10_200_200_51/10_200_200_51.cfg
Section (all|chassis|switch [all]): all
root@10.60.60.150's password:
configUpload complete: All selected config parameters are uploaded
KCHSANSW_3:root>
I have checked the SCP user settings in the Administration > Options > Inventory Manager > File Transfer, and all seems correct! Thinking maybe it was special characters in my password field I have tried changing my root password to a plain text password both in terminal (passwd root) and also in the File Transfer SCP settings. No change!
Seems like this was a problem long ago with a version of 6.1, but I don't see anything about this recently.
Anyone have any clues for me?
