05-17-2013 06:05 AM
Hello,
After upgrading both firewalls and the panorama to version 5.0.4, I want to change the configuration backup in Panorama.
I want to change it from FTP to SCP.
I am using the tool WinSCP on an windows machine. In this tool i've created an account called "Panorama" with a password.
At this account I also mapped an ssh host key.
But a test at the CLI failed, it give me the following message.
What could it be?
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
admpatc@srvmgt23> test scp-server-connection initiate hostname 10.20.161.238 username Panorama password ******
Server error : No DSA host key is known for 10.20.161.238 .
Host key verification failed.
admpatc@srvmgt23>
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Best Regards
Patrick
05-17-2013 12:51 PM
Hi Greg,
Thanks for your answer.
Connecting from any device to the WinSCP server with the given credentials fails.
After some troubleshooting I saw that i've created an wrong ssh-rsa key.
So youre described steps were also failing.
After deleting the wrong one, i've created a new key and mapped it to the Panorama account.
After that I was be able to connect via SCp from the panorama to my WinSCP server.
Thansk!
Regards,
Patrick
05-17-2013 10:04 AM
A couple things to try:
1. Test using PuTTY or another similar SSH tool to hit your server, making sure you can connect with it (eliminating issues with windows firewall, etc.).
2. Check with another SSH server in your environment using the same command to see if the firewall has any issues connecting via SSH.
3. See if you can export your config to that server via the SCP export command:
> scp export configuration from running-config.xml to Panorama@10.20.161.238:c:/test/
Replace the path with something valid for your environment. The firewall will challenge you for the password if it is able to connect.
Hope this helps!
Greg Wesson
05-17-2013 12:51 PM
Hi Greg,
Thanks for your answer.
Connecting from any device to the WinSCP server with the given credentials fails.
After some troubleshooting I saw that i've created an wrong ssh-rsa key.
So youre described steps were also failing.
After deleting the wrong one, i've created a new key and mapped it to the Panorama account.
After that I was be able to connect via SCp from the panorama to my WinSCP server.
Thansk!
Regards,
Patrick
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
