©XSIBackup-Free: Free Backup Software for ©VMWare ©ESXi

Forum ©XSIBackup: ©VMWare ©ESXi Backup Software


You are not logged in.

#1 2021-04-08 15:10:23

cabsrl
Member
Registered: 2021-04-08
Posts: 5

Is it possible to use ssh as a source for the restore?

I am currently having this problem with restore from ssh source: although

--add-key

works without problem, using

--restore

instead returns an error.

add-key

-----------------------------------------------------------------------------------------------------------
~ # /scratch/XSI/XSIBackup-DC/xsibackup --add-key admin@nasponte:22
|---------------------------------------------------------------------------------|
||-------------------------------------------------------------------------------||
|||   (c)XSIBackup-Free 1.4.3.17: Backup & Replication Software                 |||
|||   (c)33HOPS, Sistemas de Informacion y Redes, S.L. | All Rights Reserved    |||
||-------------------------------------------------------------------------------||
|---------------------------------------------------------------------------------|
                   (c)Daniel J. Garcia Fidalgo | info@33hops.com
|---------------------------------------------------------------------------------|
System Information: ESXi, Kernel 5 Major 5 Minor 0 Patch 0
-----------------------------------------------------------------------------------------------------------
PID: 530095, Running job as: root
-----------------------------------------------------------------------------------------------------------
Key exchange routine
-----------------------------------------------------------------------------------------------------------
This is the routine to exchange keys with other servers
You will be prompted to enter the remote server's password
a number of times. Please do so, this is a one time operation
-----------------------------------------------------------------------------------------------------------
/!\ Remember to enable SSH out in the ESXi firewall
-----------------------------------------------------------------------------------------------------------
The remote server is of type: linux                                            OK
-----------------------------------------------------------------------------------------------------------
Let's look for the 'authorized_keys' file there...
-----------------------------------------------------------------------------------------------------------
Checking if local public key exists at remote file...
-----------------------------------------------------------------------------------------------------------
Local key <xsibackup_id_rsa> is already
present at admin@192.168.2.49:22:/home/admin/.ssh/authorized_keys              OK
-----------------------------------------------------------------------------------------------------------
Remote server is already linked for user admin
-----------------------------------------------------------------------------------------------------------
Removed host <tmp> dir        OK
-----------------------------------------------------------------------------------------------------------
Removed prog <tmp> dir        OK
-----------------------------------------------------------------------------------------------------------
SSH session was closed        OK
-----------------------------------------------------------------------------------------------------------

restore

~ # /scratch/XSI/XSIBackup-DC/xsibackup --restore admin@nasponte:22:/share/Storage/vmimages/SERVER-INT/20210408121629/ /vmfs/volumes/datastore1/ppp
|---------------------------------------------------------------------------------|
||-------------------------------------------------------------------------------||
|||   (c)XSIBackup-Free 1.4.3.17: Backup & Replication Software                 |||
|||   (c)33HOPS, Sistemas de Informacion y Redes, S.L. | All Rights Reserved    |||
||-------------------------------------------------------------------------------||
|---------------------------------------------------------------------------------|
                   (c)Daniel J. Garcia Fidalgo | info@33hops.com
|---------------------------------------------------------------------------------|
System Information: ESXi, Kernel 5 Major 5 Minor 0 Patch 0
-----------------------------------------------------------------------------------------------------------
Server 192.168.2.49:22 is not linked by public key, use --add-key command to exchange keys, message was: permission denied (publickey,password,keyboard-interactive).
-----------------------------------------------------------------------------------------------------------
Removed host <tmp> dir        OK
-----------------------------------------------------------------------------------------------------------
Removed prog <tmp> dir        OK
-----------------------------------------------------------------------------------------------------------

could I have some more indication of the reason for the error?
in --backup mode it works perfectly.

thanks.

Offline

#2 2021-04-08 17:47:56

admin
Administrator
Registered: 2017-04-21
Posts: 2,055

Re: Is it possible to use ssh as a source for the restore?

(c)XSIBackup has been designed to work on (c)ESXi and Linux. NAS firmware is frequently built on Linux, still, it's firmware, and has not been designed to allow an administrator to tweak it to his needs, on the contrary, it's specially designed to prevent that.

That said:

In your case you have been able to exchange the admin user key and (c)XSIBackup is able to access its profile and detect the key there. Nonetheless that very same user is being denied access to /share/Storage/vmimages/SERVER-INT/20210408121629/

We have to recognize our message is a bit misleading

Server 192.168.2.49:22 is not linked by public key

We are just trying to grab attention here to the most common scenario, maybe confounding some users in other cases, we'll revise it.

The exact message from OpenSSH is printed though, which is: permission denied (publickey,password,keyboard-interactive) and is self explanatory.

If you want more detailed information on the error, although in this case it seems clear that it's just a permission issue on the folder, you can run some ssh command manually using the very same key trying to grab something from that dir and adding -vvv to the ssh client to get extended verbosity. Something like (from the (c)XSIBackup installation dir):

ssh -vvv -i xsibackup_id_rsa admin@nasponte "cat /share/Storage/vmimages/SERVER-INT/20210408121629/*.vmx" | cat > /tmp/your-vm.vmx

UPDATE1:

Although the manual test will shed some light on the issue, we'll revise the specific logic of the --restore command, as there's obviously some difference between them.

UPDATE2:

This is the exact command, translated to the ssh command line that is causing your issue. Run it and post the output (again, from the installation dir).

ssh -vvv -p22 -o ConnectTimeout=30 -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no -i xsibackup_id_rsa admin@nasponte "date"

One of the early probes on the remote system is to simply get the remote date. For some strange reason it's failing for you.

Offline

#3 2021-04-12 11:14:46

cabsrl
Member
Registered: 2021-04-08
Posts: 5

Re: Is it possible to use ssh as a source for the restore?

here the result of the latter

/vmfs/volumes/606c5ff3-f834bb94-513f-00101828d1d2/XSI/XSIBackup-DC # ssh -vvv -p22 -o ConnectTimeout=30 -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no
-i xsibackup_id_rsa admin@192.168.2.49 "date"
OpenSSH_5.6p1, OpenSSL 1.0.1e 11 Feb 2013
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.2.49 [192.168.2.49] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug3: timeout: 30000 ms remain after connect
debug1: permanently_set_uid: 0/0
debug3: Not a RSA1 key file xsibackup_id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file xsibackup_id_rsa type 1
debug1: identity file xsibackup_id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.0
debug1: match: OpenSSH_8.0 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 144/320
debug2: bits set: 4075/8192
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: host 192.168.2.49 filename /.ssh/known_hosts
debug3: check_host_in_hostfile: host 192.168.2.49 filename /.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '192.168.2.49' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:1
debug2: bits set: 4148/8192
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: xsibackup_id_rsa (0x1f008530)
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: xsibackup_id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp fd:b7:cc:1c:59:42:b5:a0:1e:c6:00:fe:7a:19:dd:3b
debug3: sign_and_send_pubkey: RSA fd:b7:cc:1c:59:42:b5:a0:1e:c6:00:fe:7a:19:dd:3b
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.2.49 ([192.168.2.49]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Remote: /etc/config/ssh/authorized_keys:4: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /etc/config/ssh/authorized_keys:4: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending command: date
debug2: channel 0: request exec confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
Mon Apr 12 13:07:27 CEST 2021
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)

debug3: channel 0: close_fds r -1 w -1 e 6
Transferred: sent 3232, received 5376 bytes, in 0.2 seconds
Bytes per second: sent 19486.2, received 32412.7
debug1: Exit status 0

regarding the first, in the indicated path there is no * .vmx but the file is "SERVER-INT.vmx.map", as created by the backup procedure which I report here:

[root@VMWARE:~] /scratch/XSI/XSIBackup-DC/xsibackup --backup /vmfs/volumes/datastore1/SERVER-INT/ admin@192.168.2.49:22:/share/Storage/vmimages/SERVER-INT
|---------------------------------------------------------------------------------|
||-------------------------------------------------------------------------------||
|||   (c)XSIBackup-Free 1.4.3.17: Backup & Replication Software                 |||
|||   (c)33HOPS, Sistemas de Informacion y Redes, S.L. | All Rights Reserved    |||
||-------------------------------------------------------------------------------||
|---------------------------------------------------------------------------------|
                   (c)Daniel J. Garcia Fidalgo | info@33hops.com
|---------------------------------------------------------------------------------|
System Information: ESXi, Kernel 6 Major 5 Minor 0 Patch 0
-----------------------------------------------------------------------------------------------------------
License: 000906E90000000000000000509a4c78885a, (remaining trial time: 519:20:59 | (c)XSIBackup-Free
-----------------------------------------------------------------------------------------------------------
Remote system: Linux
-----------------------------------------------------------------------------------------------------------
PID: 1177708, Running job as: admin
-----------------------------------------------------------------------------------------------------------
LZJB compression has been enabled
-----------------------------------------------------------------------------------------------------------
Block size is 1.00 MB (1048576 bytes)
-----------------------------------------------------------------------------------------------------------
Remote xsibackup binary found at: /bin/xsibackup
-----------------------------------------------------------------------------------------------------------
SOURCE: /vmfs/volumes/5a816101-ba19ceca-73db-509a4c78885a/SERVER-INT
-----------------------------------------------------------------------------------------------------------
Performing --backup action
-----------------------------------------------------------------------------------------------------------
(c)XSIBackup-Free setting repository at /share/Storage/vmimages/SERVER-INT
-----------------------------------------------------------------------------------------------------------
2021-04-12T08:39:07 | Error code 3444 at file common.c, line 3444 | Error description: could not find .blocklog_dis file
-----------------------------------------------------------------------------------------------------------
2021-04-12T08:39:07 | Error code 2887 at file xsibackup.c, line 2887 | Error description: something went wrong grabbing .bloc                                                                                                                klog data, error: Illegal seek
-----------------------------------------------------------------------------------------------------------
Item number 1 in this job
-----------------------------------------------------------------------------------------------------------
Virtual Machine Name: SERVER-INT
-----------------------------------------------------------------------------------------------------------
Creating snapshot VM : SERVER-INT (powered on)
-----------------------------------------------------------------------------------------------------------
*** Snapshot was successfully created ***
-----------------------------------------------------------------------------------------------------------
Virtual Machine: SERVER-INT
-----------------------------------------------------------------------------------------------------------
Backup start date: 2021-04-12T08:39:10
-----------------------------------------------------------------------------------------------------------
2021-04-12 08:39:10 | Backing up 24 files, total size is 280.72 GB
-----------------------------------------------------------------------------------------------------------
    NUMBER                                                         FILE             SIZE          PROGRESS
-----------------------------------------------------------------------------------------------------------
    1/24                                                 SERVER-INT.vmx          3.89 KB    | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    2/24                                                          nvram          8.48 KB    | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    3/24                                                SERVER-INT.vmsd        444.00 B     | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    4/24                                                SERVER-INT.vmxf          3.08 KB    | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    5/24                                                  vmware-25.log          1.95 MB    | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    6/24                                             SERVER-INT.vmx.tmp          3.89 KB    | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    7/24                                           SERVER-INT-flat.vmdk        272.25 GB    | Done   0.00%
-----------------------------------------------------------------------------------------------------------
::: detail ::: 100.00% done | block 278786 out of 278786                                    | Done  96.98%
-----------------------------------------------------------------------------------------------------------
    8/24                                                SERVER-INT.vmdk        680.00 B     | Done  96.98%
-----------------------------------------------------------------------------------------------------------
    9/24                                            SERVER-INT.vmsd.tmp         43.00 B     | Done  96.98%
-----------------------------------------------------------------------------------------------------------
   10/24                                                  vmware-22.log        344.43 KB    | Done  96.98%
-----------------------------------------------------------------------------------------------------------
   11/24                                                  vmware-20.log        655.38 KB    | Done  96.98%
-----------------------------------------------------------------------------------------------------------
   12/24                                                  vmware-23.log        300.63 KB    | Done  96.99%
-----------------------------------------------------------------------------------------------------------
   13/24                                                SERVER-INT.vmx~          3.89 KB    | Done  96.99%
-----------------------------------------------------------------------------------------------------------
   14/24                                            SERVER-INT.vmx.copy          4.11 KB    | Done  96.99%
-----------------------------------------------------------------------------------------------------------
   15/24                                                  vmware-21.log        304.93 KB    | Done  96.99%
-----------------------------------------------------------------------------------------------------------
   16/24                               vmx-SERVER-INT-4066450649-2.vswp        254.00 MB    | Done  96.99%
-----------------------------------------------------------------------------------------------------------
   17/24                                                  vmware-24.log        266.73 KB    | Done  97.07%
-----------------------------------------------------------------------------------------------------------
   18/24                               vmx-SERVER-INT-4066450649-1.vswp                    [open excluded]
-----------------------------------------------------------------------------------------------------------
   19/24                                             SERVER-INT.vmx.lck                 [skipped excluded]
-----------------------------------------------------------------------------------------------------------
   20/24                                                     vmware.log          1.03 MB    | Done  97.07%
-----------------------------------------------------------------------------------------------------------
   21/24                                       SERVER-INT-f2611cd9.vswp                    [open excluded]
-----------------------------------------------------------------------------------------------------------
   22/24                                      SERVER-INT-Snapshot3.vmsn         31.64 KB    | Done  97.07%
-----------------------------------------------------------------------------------------------------------
   23/24                                   SERVER-INT-000001-delta.vmdk                 [skipped excluded]
-----------------------------------------------------------------------------------------------------------
   24/24                                         SERVER-INT-000001.vmdk                 [skipped excluded]
-----------------------------------------------------------------------------------------------------------
Total size:                                                                    272.50 GB    | Done 100.00%
-----------------------------------------------------------------------------------------------------------
*** Snapshot was removed ***
-----------------------------------------------------------------------------------------------------------
Backup end date: 2021-04-12T11:45:01
-----------------------------------------------------------------------------------------------------------
Time taken: 03:05:51 (11151 sec.)
-----------------------------------------------------------------------------------------------------------
Total time:    11151 sec.
-----------------------------------------------------------------------------------------------------------
Full file speed:                                                                            25.02 mb/s
-----------------------------------------------------------------------------------------------------------
Real data speed:                                                                            33.48 mb/s
-----------------------------------------------------------------------------------------------------------
Item backup completed without errors
-----------------------------------------------------------------------------------------------------------
Differential blocks were added to the .blocklog database
-----------------------------------------------------------------------------------------------------------
Final checksum: 181929664155 bytes were sent and confirmed to have been written remotely
-----------------------------------------------------------------------------------------------------------
2021-04-12T11:45:15 | Error code 3557 at file xsibackup.c, line 3557 | Error description: some error/s were raised while back                                                                                                                ing up: /vmfs/volumes/5a816101-ba19ceca-73db-509a4c78885a/SERVER-INT, error count is: 2
-----------------------------------------------------------------------------------------------------------
Removed host <tmp> dir        OK
-----------------------------------------------------------------------------------------------------------
Removed prog <tmp> dir        OK
-----------------------------------------------------------------------------------------------------------
Unlocked backup               OK
-----------------------------------------------------------------------------------------------------------

Offline

#4 2021-04-12 19:05:01

admin
Administrator
Registered: 2017-04-21
Posts: 2,055

Re: Is it possible to use ssh as a source for the restore?

There's somthing wrong in your command's output:

ssh -vvv -p22 -o ConnectTimeout=30 -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no

The server doesn't seem to be recognizing the key format. Not any firmware based in Linux is compatible by default. You have to decide up to which point it is worth for you trying to configure such device instead of using some Linux distro which will work out of the box.

You must not use this syntax to backup a VM

/scratch/XSI/XSIBackup-DC/xsibackup --backup /vmfs/volumes/datastore1/SERVER-INT/ admin@192.168.2.49:22:/share/Storage/vmimages/SERVER-INT

But this:

/scratch/XSI/XSIBackup-DC/xsibackup --backup "VMs(SERVER-INT)" admin@192.168.2.49:22:/share/Storage/vmimages/SERVER-INT

Offline

#5 2021-04-13 12:43:23

cabsrl
Member
Registered: 2021-04-08
Posts: 5

Re: Is it possible to use ssh as a source for the restore?

The problem is the ssh client: I updated the ssh client of the machine (esxi5.5) taking it from an esxi6.5 and replacing it in /usr/lib/vmware/openssh/bin/
now the result is this:

/vmfs/volumes/606c5ff3-f834bb94-513f-00101828d1d2/XSI/XSIBackup-DC # ssh -vvv -p22 -o ConnectTimeout=30 -o PasswordAuthentica
tion=no -o ChallengeResponseAuthentication=no -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no -i xsibackup_
id_rsa admin@192.168.2.49 -2 "ls /share/Storage/vmimages/SERVER-INT/20210413085226/SERVER-INT"
OpenSSH_7.3p1, OpenSSL 1.0.1e 11 Feb 2013
debug2: resolving "192.168.2.49" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 192.168.2.49 [192.168.2.49] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug3: timeout: 30000 ms remain after connect
debug1: permanently_set_uid: 0/0
debug1: identity file xsibackup_id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file xsibackup_id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.0
debug1: match: OpenSSH_8.0 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.2.49:22 as 'admin'
debug3: hostkeys_foreach: reading file "/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 192.168.2.49
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ssh-rsa-cert-v01@openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ssh-ed25519-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com
debug2: compression stoc: none,zlib@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ssh-rsa SHA256:w/zyfVOAO7aP7S3ngRwZEnWHNbE4+/CJFeD9g8qaVWM
debug3: hostkeys_foreach: reading file "/.ssh/known_hosts"
debug3: record_hostkey: found key type RSA in file /.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from 192.168.2.49
debug1: Host '192.168.2.49' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug2: key: xsibackup_id_rsa (0x1f009648), explicit
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: xsibackup_id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: pkalg rsa-sha2-512 blen 279
debug2: input_userauth_pk_ok: fp SHA256:tW4jmj2RNEZ9iMNnx8+zQkWzHew+RZ1FhIUK4k8NBfM
debug3: sign_and_send_pubkey: RSA SHA256:tW4jmj2RNEZ9iMNnx8+zQkWzHew+RZ1FhIUK4k8NBfM
debug3: send packet: type 50
debug3: receive packet: type 52
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.2.49 ([192.168.2.49]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug3: send packet: type 90
debug1: Requesting no-more-sessions@openssh.com
debug3: send packet: type 80
debug1: Entering interactive session.
debug1: pledge: network
debug3: receive packet: type 80
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug3: receive packet: type 4
debug1: Remote: /root/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: receive packet: type 4
debug1: Remote: /root/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug3: receive packet: type 91
debug2: callback start
debug2: fd 3 setting TCP_NODELAY
debug3: ssh_packet_set_tos: set IP_TOS 0x08
debug2: client_session2_setup: id 0
debug1: Sending command: ls /share/Storage/vmimages/SERVER-INT/20210413085226/SERVER-INT
debug2: channel 0: request exec confirm 1
debug3: send packet: type 98
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
debug3: receive packet: type 96
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug3: receive packet: type 97
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
SERVER-INT-Snapshot5.vmsn.map
SERVER-INT-flat.vmdk.map
SERVER-INT.vmdk.map
SERVER-INT.vmsd.map
SERVER-INT.vmsd.tmp.map
SERVER-INT.vmx.copy.map
SERVER-INT.vmx.map
SERVER-INT.vmx.tmp.map
SERVER-INT.vmxf.map
SERVER-INT.vmx~.map
nvram.map
vmware-20.log.map
vmware-21.log.map
vmware-22.log.map
vmware-23.log.map
vmware-24.log.map
vmware-25.log.map
vmware.log.map
vmx-SERVER-INT-4066450649-2.vswp.map
debug3: channel 0: will not send data after close
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug3: send packet: type 97
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)

debug3: send packet: type 1
Transferred: sent 2804, received 3864 bytes, in 0.2 seconds
Bytes per second: sent 16210.7, received 22338.9
debug1: Exit status 0

but xsibackup keeps giving the same result

> You must not use this syntax to backup a VM

i tried with the syntax you described but, as you can see from the output above, there is no * .vmx file.

it is not clear to me if xsibackup uses the system ssh or not, in case something can be done?

Offline

#6 2021-04-13 17:29:37

admin
Administrator
Registered: 2017-04-21
Posts: 2,055

Re: Is it possible to use ssh as a source for the restore?

We really don't know what you are trying to do.
You have removed part of our original command from your post.
Our original proposed command

ssh -vvv -p22 -o ConnectTimeout=30 -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no -i xsibackup_id_rsa admin@nasponte "date"

Yours: the remote command 'date' is missing, you changed it by a 'ls' command. We were trying to determine whether the date binary was there and whether it was returning something.

ssh -vvv -p22 -o ConnectTimeout=30 -o PasswordAuthentica
tion=no -o ChallengeResponseAuthentication=no -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no -i xsibackup_
id_rsa admin@192.168.2.49 -2 "ls /share/Storage/vmimages/SERVER-INT/20210413085226/SERVER-INT"

Replacing the ESXi 5.5 ssh client with 6.5's is out of the scope of the support we can offer you.
You haven't even clearly stated so far what kind of system you are trying to connect to.

The .vmx file is obviously .vmx.map, the files are deduplicated. You are restoring from a deduplicated repository where the files are represented by their corresponding hashmaps.

Excerpt:
- You are able to write data to the remote FS, thus SSH is working indeed.
- You are kicked off with a "permission denied" message when you try to restore.
- That very same command is executed remotely when you run the backup and must be printed out in your backup output (we don't know you didn't post it).
- The only difference is that the backup SSH tunnel is openned with a user cipher list while the date probe is run via autonegotiation.
Run this with the original 5.5 SSH client (we added the same user cipher list as in the backup, which is in turn the list you can find at the etc/xsibackup.conf file):

ssh -vvv -p22 -c "aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc
ssh_ciphers=auto" -o ConnectTimeout=30 -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o PreferredAuthentications=publickey -o StrictHostKeyChecking=no
-i xsibackup_id_rsa admin@192.168.2.49 "date"

This is really puzzling, we couldn't find out what's going on without revising that unknown system, we can't offer you to do that for you though.

Offline

#7 2021-04-14 11:17:01

cabsrl
Member
Registered: 2021-04-08
Posts: 5

Re: Is it possible to use ssh as a source for the restore?

We really don't know what you are trying to do.

I'm trying to reveal where the error may be, which in my opinion is to be found in the way you try to connect as an ssh client during the restore. in fact, the anomaly is that the backup phase (remote and to ssh) works without problem in the same environment and on the same machine where the restore does not work.

Replacing the ESXi 5.5 ssh client with 6.5's is out of the scope of the support we can offer you.

the idea was simply to provide you with an answer about your "The server doesn't seem to be recognizing the key format".
in that case the problem is only in the ssh client which in esxi5.5 is old and is not able to read keys in that format, although the authentication is then carried out successfully.

You haven't even clearly stated so far what kind of system you are trying to connect to.

backup destination and source is a qnap TS-453B version 4.5.2

- You are able to write data to the remote FS, thus SSH is working indeed.
yes, both vmware 6.5 and 5.5
with 6.5 backup&restore is ok.
with 5.5 only backup works

- You are kicked off with a "permission denied" message when you try to restore.
so it seems, but from your posts it could be a generic error, given even in the absence of the necessary permissions or even the file, if I understand correctly.

- That very same command is executed remotely when you run the backup and must be printed out in your backup output (we don't know you didn't post it).

From VM5.5 machine see here (..VMs(xx) syntax doesn't work for no reason!):

./xsibackup --backup /vmfs/volumes/datastore1/ubuntu20/  admin@192.168.2.49:22:/share/Storage/v
mimages/ubuntu20
|---------------------------------------------------------------------------------|
||-------------------------------------------------------------------------------||
|||   (c)XSIBackup-Free 1.4.3.17: Backup & Replication Software                 |||
|||   (c)33HOPS, Sistemas de Informacion y Redes, S.L. | All Rights Reserved    |||
||-------------------------------------------------------------------------------||
|---------------------------------------------------------------------------------|
                   (c)Daniel J. Garcia Fidalgo | info@33hops.com
|---------------------------------------------------------------------------------|
System Information: ESXi, Kernel 5 Major 5 Minor 0 Patch 0
-----------------------------------------------------------------------------------------------------------
License: 000106E5000000000000000000101828d1d2, (remaining trial time: 467:04:29 | (c)XSIBackup-Free
-----------------------------------------------------------------------------------------------------------
Remote system: Linux
-----------------------------------------------------------------------------------------------------------
PID: 1850775, Running job as: admin
-----------------------------------------------------------------------------------------------------------
LZJB compression has been enabled
-----------------------------------------------------------------------------------------------------------
Block size is 1.00 MB (1048576 bytes)
-----------------------------------------------------------------------------------------------------------
Remote xsibackup binary found at: /bin/xsibackup
-----------------------------------------------------------------------------------------------------------
SOURCE: /vmfs/volumes/606c5ff2-6cd59cb6-d889-00101828d1d2/ubuntu20
-----------------------------------------------------------------------------------------------------------
Performing --backup action
-----------------------------------------------------------------------------------------------------------
(c)XSIBackup-Free setting repository at /share/Storage/vmimages/ubuntu20
-----------------------------------------------------------------------------------------------------------
.xsitools file created at: admin@192.168.2.49:22:/share/Storage/vmimages/ubuntu20/.xsitools
-----------------------------------------------------------------------------------------------------------
Item number 1 in this job
-----------------------------------------------------------------------------------------------------------
Virtual Machine Name: ubuntu20
-----------------------------------------------------------------------------------------------------------
Creating snapshot VM : ubuntu20 (powered on)
-----------------------------------------------------------------------------------------------------------
*** Snapshot was successfully created ***
-----------------------------------------------------------------------------------------------------------
Virtual Machine: ubuntu20
-----------------------------------------------------------------------------------------------------------
Backup start date: 2021-04-14T12:55:42
-----------------------------------------------------------------------------------------------------------
2021-04-14 12:55:42 | Backing up 17 files, total size is 203.13 GB
-----------------------------------------------------------------------------------------------------------
    NUMBER                                                         FILE             SIZE          PROGRESS
-----------------------------------------------------------------------------------------------------------
    1/17                                                   ubuntu20.vmx          3.10 KB    | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    2/17                                                  ubuntu20.vmxf        366.00 B     | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    3/17                                                  ubuntu20.vmsd        438.00 B     | Done   0.00%
-----------------------------------------------------------------------------------------------------------
    4/17                                             ubuntu20-flat.vmdk        200.00 GB    | Done   0.00%
-----------------------------------------------------------------------------------------------------------
::: detail ::: 6.76% done | block 13840 out of 204800                                       | Done   6.65%

From VM6.5 see other posts.

- The only difference is that the backup SSH tunnel is openned with a user cipher list while the date probe is run via autonegotiation.
I am not an expert, but what do you deduce that it is in autonegotation? "Authentication succeeded (publickey)" is always visible in the logs.

Run this with the original 5.5 SSH client (we added the same user cipher list as in the backup, which is in turn the list you can find at the etc/xsibackup.conf file):

/usr/lib/vmware/openssh/bin/ssh-old -vvv -p22 -c "aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3
des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc" -o ConnectTimeout=30 -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o PreferredAuthenti
cations=publickey -o StrictHostKeyChecking=no -i xsibackup_id_rsa admin@192.168.2.49 "date"
OpenSSH_5.6p1, OpenSSL 1.0.1e 11 Feb 2013
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.2.49 [192.168.2.49] port 22.
debug2: fd 3 setting O_NONBLOCK
debug1: fd 3 clearing O_NONBLOCK
debug1: Connection established.
debug3: timeout: 30000 ms remain after connect
debug1: permanently_set_uid: 0/0
debug3: Not a RSA1 key file xsibackup_id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file xsibackup_id_rsa type 1
debug1: identity file xsibackup_id_rsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.0
debug1: match: OpenSSH_8.0 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.6
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 147/320
debug2: bits set: 4108/8192
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: host 192.168.2.49 filename /.ssh/known_hosts
debug3: check_host_in_hostfile: host 192.168.2.49 filename /.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host '192.168.2.49' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:1
debug2: bits set: 4066/8192
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: xsibackup_id_rsa (0x1f008598)
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred:
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: xsibackup_id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp e8:48:66:0f:08:fc:e1:d1:2c:05:cc:14:f5:19:ee:e1
debug3: sign_and_send_pubkey: RSA e8:48:66:0f:08:fc:e1:d1:2c:05:cc:14:f5:19:ee:e1
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.2.49 ([192.168.2.49]:22).
debug1: channel 0: new [client-session]
debug3: ssh_session2_open: channel_new: 0
debug2: channel 0: send open
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Remote: /root/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug1: Remote: /root/.ssh/authorized_keys:3: key options: agent-forwarding port-forwarding pty user-rc x11-forwarding
debug2: callback start
debug2: client_session2_setup: id 0
debug1: Sending command: date
debug2: channel 0: request exec confirm 1
debug2: fd 3 setting TCP_NODELAY
debug2: callback done
debug2: channel 0: open confirm rwindow 0 rmax 32768
debug2: channel 0: rcvd adjust 2097152
debug2: channel_input_status_confirm: type 99 id 0
debug2: exec request accepted on channel 0
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
debug2: channel 0: rcvd eow
debug2: channel 0: close_read
debug2: channel 0: input open -> closed
debug2: channel 0: rcvd close
debug3: channel 0: will not send data after close
Wed Apr 14 13:06:35 CEST 2021
debug3: channel 0: will not send data after close
debug2: channel 0: obuf empty
debug2: channel 0: close_write
debug2: channel 0: output drain -> closed
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)

debug3: channel 0: close_fds r -1 w -1 e 6
Transferred: sent 3120, received 5408 bytes, in 0.2 seconds
Bytes per second: sent 20241.5, received 35085.2
debug1: Exit status 0

"ssh_ciphers=auto" it was not recognized as correct and so I took it out of the command:

/usr/lib/vmware/openssh/bin/ssh-old -vvv -p22 -c "aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3
des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc ssh_ciphers=auto" -o ConnectTimeout=30 -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o
PreferredAuthentications=publickey -o StrictHostKeyChecking=no -i xsibackup_id_rsa admin@192.168.2.49 "date"
OpenSSH_5.6p1, OpenSSL 1.0.1e 11 Feb 2013
Unknown cipher type 'aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc ssh_ciphers=auto'

This is really puzzling, we couldn't find out what's going on without revising that unknown system, we can't offer you to do that for you though.

could I propose to add debug logs to the restore phase?

Offline

#8 2021-04-14 17:14:03

admin
Administrator
Registered: 2017-04-21
Posts: 2,055

Re: Is it possible to use ssh as a source for the restore?

Yes, sorry that was a typo from our part, it somehow got there with the cut&paste.
It's not the restore that's failing.

Totally puzzling. You run the very same command on --backup and it works, then you run it from the command line and it fails with an error that states the client can't regognize the RSA key format.

Whether you aren't using the same keys or you have some fairies playing inside your ESXi box.

I think it's time for you to use some compatible target device.

Offline

#9 2021-04-15 08:49:17

cabsrl
Member
Registered: 2021-04-08
Posts: 5

Re: Is it possible to use ssh as a source for the restore?

Whether you aren't using the same keys or you have some fairies playing inside your ESXi box

I remember you however that the --add-key works perfectly.

Really, it is not possible to have more detailed logs during the restore phase?

I think it's time for you to use some compatible target device.

Although I can understand your answer as a programmer (I am too and I realize how difficult it can be to shoot blindly) if the problem is on my side, I'll take care of it, but I need tools for verification, such as a detailed log, as requested in the first post
as a customer, surely, it would be read as a synonym of seriousness and professionalism

Offline

#10 2021-04-15 13:35:09

admin
Administrator
Registered: 2017-04-21
Posts: 2,055

Re: Is it possible to use ssh as a source for the restore?

Yes, we know. --backup --add-key, it doesn't matter. Some coomands work, some others don't. In any case, I remember you that you are playing around with some firmware that for some reason you don't want to reveal, thus our possibilities to help you are even more reduced.

You have the --verbosity flag for that, still, it's not the restore that fails, that's just the command you run, you aren't getting to it though.

This is what you must be concerned about.

...
debug3: Not a RSA1 key file xsibackup_id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
...

Offline

Board footer