Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1585
Views
0
Helpful
6
Replies

Cisco ACS and SFTP configuration

saxenanitesh8522
Level 4
Level 4

‎07-19-2015 08:59 AM - edited ‎03-10-2019 10:55 PM

Hi Guys,

 

is there any documentation or white papers or any support for the SFTP configuration on the Cisco ACS.


Because i am not able to integrate the SFTP configuration provided but the Cisco ACS documentation.

 

Is there anyone who had been successful in integrating the SFTP server with Cisco ACS.

 

Thanks & Regards,

 

Nitesh

Labels:
0 Helpful
6 Replies 6

johnd2310
Level 8
Level 8

‎07-19-2015 05:54 PM

Hi,

Are you trying to use SFTP for backups/software repository? What SFTP server are you using?

 

Thanks

John

**Please rate posts you find helpful**
0 Helpful

saxenanitesh8522
Level 4
Level 4
In response to johnd2310

‎07-19-2015 11:39 PM

I am trying to do backup for the schedule and reports generation.

We are using SFTP server-Solar winds.

0 Helpful

johnd2310
Level 8
Level 8
In response to saxenanitesh8522

‎07-21-2015 04:25 AM

Hi,

 

What errors do you get when using SFTP. I have used the free SFTP\SCP server from Solarwinds and had no problems.

You just need to create your user on the SFTP server and specify the SFTP directory. On ACS you will need to create the repository pointing to the SFTP server. It is easier to configure the repository from the command line. e.g.

repository ACS-REPO
  url sftp://X.X.X.X/acs
  user acs-user password plain xxxxxx
  host-key sync

 

Thanks

John

**Please rate posts you find helpful**
0 Helpful

saxenanitesh8522
Level 4
Level 4
In response to johnd2310

‎07-22-2015 12:13 PM

Hi,

 

its a different version of sftp server. Also, in 5.7 host key sync is not there. its been replaced with a crpto host_key command. 

 

earlier models were supporting DSA but in 5.7 its only supporting RSA key. Hence when requesting the the host key it was failing. 

So did some lab work and found this issue about DSA and RSA keys.

0 Helpful

saxenanitesh8522
Level 4
Level 4
In response to saxenanitesh8522

‎07-29-2015 09:11 PM

Hi,

 

i was able to solve my issue. in 5.7 it only supports RSA keys and not DSA keys so when issuing the command cryto host key it was not able to get the keys. After adding the RSA keys this started to work.

 

Thanks

0 Helpful

dmarekatc
Level 1
Level 1
In response to saxenanitesh8522

‎10-06-2015 04:00 PM

Great that you figured it out... But for others having a similar issue, I would encourage you to post what specific steps you had to do in order to get it to work.  (Probably in conjunction with Solarwinds SFTP/SCP since that is a popular free tool and you were using it.)

 

For instance, it's easy enough to create a repository and from the CLI display it in the config to verify but you also have to run the "crypto host_key add host xxx" command, and you have the account set on the SFTP server as well.

 

Knowing what additional steps you did to get it to work may help others out.

0 Helpful
Customers Also Viewed These Support Documents