Backing up switch configuration using configupload command failing with error 'configupload not permitted (sftp failed)'
摘要: Issued the 'configupload' command to back up switch configuration to an SFTP server. Received the error message 'configupload not permitted (sftp failed)'.
本文适用于
本文不适用于
本文并非针对某种特定的产品。
本文并非包含所有产品版本。
症状
The errdumpall output on the switch displays the following error message at the time the configupload command fails:
SEC-3076: 'SSH session establishment failed. Reason: Unable to negotiate a key exchange method'.
原因
A possible cause for this issue is the switch and the SFTP server having SSH KEX (key exchange) algorithms which do not match.
The SSH KEX algorithms, which are enabled on the switch, can be checked using the following command:
secCryptoCfg --show
The SSH KEX algorithms, which are enabled on the switch, can be checked using the following command:
secCryptoCfg --show
解决方案
Update the SSH KEX algorithms on either the switch or the SFTP server so that they match.
Use the following command syntax to update the SSH KEX algorithms on the switch:
secCryptoCfg --replace -type SSH -kex [algorithm1,algorithm2]
Below is a list of the SSH KEX algorithms that are available in Fabric OS 8.2.x:
Check the Fabric OS Command Reference guide section on the 'secCryptoCfg' command for further details and examples.
Use the following command syntax to update the SSH KEX algorithms on the switch:
secCryptoCfg --replace -type SSH -kex [algorithm1,algorithm2]
Below is a list of the SSH KEX algorithms that are available in Fabric OS 8.2.x:
- ecdh-sha2-nistp256
- ecdh-sha2-nistp384
- ecdh-sha2-nistp521
- diffie-hellman-group-exchange-sha256
- diffie-hellman-group-exchange-sha1
- diffie-hellman-group14-sha1
- diffie-hellman-group1-sha1
Check the Fabric OS Command Reference guide section on the 'secCryptoCfg' command for further details and examples.
受影响的产品
Brocade文章属性
文章编号: 000188867
文章类型: Solution
上次修改时间: 23 6月 2021
版本: 1
从其他戴尔用户那里查找问题的答案
支持服务
检查您的设备是否在支持服务涵盖的范围内。