This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

XMC failed to backup Avaya ERS switches via BOSS-SFTP script

XMC failed to backup Avaya ERS switches via BOSS-SFTP script

Go to solution
Rafael_Lopez
New Contributor

‎09-24-2018 07:19 PM

When using the included "BOSS-SFTP" script to backup various recent builds of Avaya ERS switches, the backups fail to authenticate to XMC. I am not sure what credentials the script is using to authenticate to the XMC server or how to change it. I have tested an SFTP client from my PC to the XMC server using my and root credentials and I am able to get a session so I know XMC is listening. Here is syslog output from an ERS (10.33.20.10) running the script to connect to the XMC server (10.50.26.222) and failing to authenticate.

2018-09-24 13:11:12 Daemon.Info 10.33.20.10 Sep 24 13:11:13 ETR_Olive SSH:SSHC: Password Authentication failure
2018-09-24 13:11:12 Daemon.Info 10.33.20.10 Sep 24 13:11:13 ETR_Olive SSH:SSHC: ASCII CFG upload SFTP failure
2018-09-24 13:11:37 Daemon.Info 10.33.20.10 Sep 24 13:11:37 ETR_Olive SNMP:Trap: bsnConfigurationSavedToNvram
2018-09-24 13:11:42 Auth.Info 10.33.20.10 Sep 24 13:11:42 ETR_Olive SSH: [ssh]#6 Session closed (lost connection), IP address: 10.50.26.222, access mode: r/w
2018-09-24 13:11:42 Auth.Info 10.33.20.10 Sep 24 13:11:42 ETR_Olive SSH: [ssh]#6 Connection closed (lost connection), IP address: 10.50.26.222
XMC reports the results as follows:

Archive Save Management Center Archive: (10.33.20.10) Version Stamp: Sep 24, 2018 2:23:40 PM - % Failed to authenticate the connection. :
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
TachyBirdy
New Contributor

‎05-17-2021 06:42 PM

Hello - I’ve been meaning to reply to this.

Our Security engineers said NO WAY to the root account being used in this manner.

I asked the Linux sysadmin to create an account (example name of “secure_backup”)

 

Then from Administration → Options → Inventory Manager → Data Storage we set the directory path to:

/home/secure_backup

 

Then from Administration - → Options → Inventory Manager → File Transfer → SFTP Server Properties → Login Information, we unchecked Anonymous and filled in the Username and Password

 

Then from Administration - → Options → Inventory Manager → File Transfer → SFTP Server Properties → Firmware Directory Path, we set the path to:

/home/secure_backup/firmware/images/

 

Then from Administration - → Options → Inventory Manager → File Transfer → SFTP Server Properties → Root Directory Path, we set the path to:

/home/secure_backup/

 

And we were all set.

View solution in original post

0 Kudos
10 REPLIES 10

Go to solution
TachyBirdy
New Contributor

‎05-17-2021 06:42 PM

Hello - I’ve been meaning to reply to this.

Our Security engineers said NO WAY to the root account being used in this manner.

I asked the Linux sysadmin to create an account (example name of “secure_backup”)

 

Then from Administration → Options → Inventory Manager → Data Storage we set the directory path to:

/home/secure_backup

 

Then from Administration - → Options → Inventory Manager → File Transfer → SFTP Server Properties → Login Information, we unchecked Anonymous and filled in the Username and Password

 

Then from Administration - → Options → Inventory Manager → File Transfer → SFTP Server Properties → Firmware Directory Path, we set the path to:

/home/secure_backup/firmware/images/

 

Then from Administration - → Options → Inventory Manager → File Transfer → SFTP Server Properties → Root Directory Path, we set the path to:

/home/secure_backup/

 

And we were all set.

0 Kudos

Go to solution
rmu
Contributor

‎12-02-2020 01:37 PM

Hi to Extreme


you recommend to use the root user of the linux system.


What is the reason for this?


As far as i know should the root user ony be used for system actions. For everything else you have a working user with fewer privileges.

Nevertheless, in all of my installations i have the root user and the working user "netsight".

Neither of the possible options works (default=anonymous, default anonymous/NAIM, root account, netsight account)

Both of my accounts fits the password guidlines you mentioned.

The only thing that works is TFTP, but in a secure environment, this is not an option.

It seems to me that you haven't done your homework in implementing modern user / permissions management.

So whats the solution for this?

NR
Richi
PS: i am running the latest xmc version.

 

0 Kudos

Go to solution
Violeta
New Contributor

‎11-04-2019 09:39 AM

Hello,

I have the same problem, but when changing "Anonymous" to root and password, it still gives me authentication error. In XMC I only have two users, root and administrator, and it doesn't work with either of them. Do I need an external server?

 

Best Regards!

 

 

 

0 Kudos

Go to solution
CptnBlues63
New Contributor

‎05-02-2019 08:02 PM




Set the user/pw to what exactly? Tried my SNMP passwords (RO and RW) and tried also "anonymous" None of the above worked and I'm still getting the same error as the OP.

Help!

TIA
0 Kudos
li.common.scroll-to.top
GTM-P2G8KFN