Testing SSH backup for Warm Spare

sorvani · November 4, 2020, 5:05am

I added an SSH location in Filestore.

Then I created a backup to use it. Only backing up Core for the test.

But when the backup runs it says it cannot log in.

But I can log in with no password with the specified key.

kgupta · November 4, 2020, 8:02am

hi @sorvani please try ssh after switching to asterisk user.

su asterisk
try ssh command

sometimes, ssh tries to add an entry to “known_host” and ask for permission, which needs to be manually enabled (press y) so that next time onward, it will ssh without asking for anything.

Let me know if this helps.

sorvani · November 4, 2020, 3:17pm

Look at the last screen shot. I ran the command as the asterisk user.

sorvani · November 4, 2020, 4:52pm

But just to make you happy @kgupta1

kgupta · November 5, 2020, 1:17am

Hi, @sorvani thanks for the update. Ideally should not happen. Please raise jira at issues.freepbx.org and if SSH is possible then PM me with your server access details, I can quickly check.

Thanks

sorvani · November 9, 2020, 7:13pm

Issue opened. https://issues.freepbx.org/browse/FREEPBX-22021

So, more testing today. The problem is using a key other than the default id_rsa key.

I don’t use RSA keys on anything anymore. Have not for years. So this is an issue with something in the code most likely not reading keys in formats other than RSA.

As soon as I changed filestore to use /home/asterisk/.ssh/id_rsa the backup worked.

[root@pbx ~]# fwconsole bu --backup 8f407dee-148d-4cbc-92e4-0d55fc4b474a
Transaction ID is: 35080f5f-1ef7-4667-9179-a1fb42015f97
Running Backup ID: 8f407dee-148d-4cbc-92e4-0d55fc4b474a
Transaction: 35080f5f-1ef7-4667-9179-a1fb42015f97
Starting backup Test-SSH
This backup will be stored locally and is subject to maintenance settings
Backup File Name: 20201109-140848-1604948928-15.0.16.76-823745335.tar.gz
Working with core module
Exporting Feature Codes from core
Exporting Advanced settings from core
Exporting KVStore from Core
	Adding module manifest for core
	Adding custom directory to tar: customdir/etc/asterisk
Starting Cleaning up
Finished Cleaning up
Finished created backup file: 20201109-140848-1604948928-15.0.16.76-823745335.tar.gz
Performing Local Maintenance
Finished Local Maintenance
Performing Remote Maintenance
Finished Remote Maintenance
Saving to selected Filestore locations
	Saving to: SSH:'Local FreePBX 15' instance ,File location: /var/spool/asterisk/backup/Test-SSH/20201109-140848-1604948928-15.0.16.76-823745335.tar.gz 
Finished Saving to selected Filestore locations
Backup completed successfully
[root@pbx ~]#

jphilip · February 17, 2021, 6:07am

Currenlty filestore module supports only RSA public-key algorithm for SSH key

https://wiki.freepbx.org/display/FPG/Filestore+Module#FilestoreModule-SSH

dicko · February 17, 2021, 6:20am

But you could ‘fiddle it’ with a ‘local’ sshfs mount of your flavor.

sorvani · February 17, 2021, 7:48am

I could get around it in many ways. That is not the point.

But instead of trying fix the problem, let’s update the wiki to say you can’t use anything but a depreciated algorithm.

system · June 3, 2021, 11:04pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.