yos@vyos# set sys confi commit-a lo 'scp://root:[email protected]:/root/bac [edit] vyos@vyos# compare [edit system config-management] +commit-archive { + location scp://root:[email protected]:/root/back +} [edit] vyos@vyos# commit Archiving config... scp://192.168.255.176:/root/back curl: (60) SSL peer certificate or SSH remotK More details here: https://curl.haxx.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. Failed! [edit] vyos@vyos# run sh conf comm | grep config set system config-management commit-archive location 'scp://root:[email protected]' set system config-management commit-revisions '100'
Description
Description
Details
Details
- Difficulty level
- Unknown (require assessment)
- Version
- 1.4-rolling-202103251004
- Why the issue appeared?
- Will be filled on close
- Is it a breaking change?
- Unspecified (possibly destroys the router)
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
In progress | FEATURE REQUEST | None | T3355 Remove all remaining legacy Vyatta code | ||
Resolved | FEATURE REQUEST | erkin | T3356 Script for remote file transfers | ||
Resolved | BUG | erkin | T3439 Commit-archive location not working for scp |
Event Timeline
Comment Actions
This command is used to generate the ssh fingerprint of your host when vyos cannot verify the legitimacy of the remote server
ssh-keyscan >> ~/.ssh/known_hosts
Then you can configure the commit-archive command for scp or others.
set system config-management commit-archive location
Reference link:
https://docs.vyos.io/en/latest/cli.html#remote-archive
Tested in the lab:
vyos@vyos:~$ sh ver Version: VyOS 1.4-rolling-202103251004 Release Train: sagitta Built by: [email protected] Built on: Thu 25 Mar 2021 10:09 UTC vyos@vyos:~$ sudo ssh-keyscan 192.168.x.x >> ~/.ssh/known_hosts # 192.168.x.x:22 SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2 # 192.168.x.x:22 SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2 # 192.168.x.x:22 SSH-2.0-OpenSSH_7.9p1 Debian-10+deb10u2 [edit system config-management] vyos@vyos# set commit-archive location scp://root:[email protected]/root/backup [edit system config-management] vyos@vyos# commit Archiving config... scp://192.168.x.x/root/backup OK root@debian:~# ls -ltr /root/backup total 12 -rw-r--r-- 1 root root 1205 Mar 29 01:52 config.boot-vyos.20210329_095215 -rw-r--r-- 1 root root 1205 Mar 29 02:04 config.boot-vyos.20210329_100404 -rw-r--r-- 1 root root 1204 Mar 29 02:04 config.boot-lab.20210329_100448
Comment Actions
I tried using ssh-keyscan and it's still didn't work for me and it still having the same curl error 60
vyos@vyos:~$ sh ver Version: VyOS 1.4-rolling-202103251004 Release Train: sagitta Built by: [email protected] Built on: Thu 25 Mar 2021 10:09 UTC Build UUID: 968aa51d-3c53-4009-b8ec-b67d3ba028d0 Build Commit ID: 3ccfd2bf06c7d1 Architecture: x86_64 Boot via: installed image System type: bare metal Hardware vendor: Hewlett-Packard Hardware model: HP Mini 210-2000 Hardware S/N: 4CZ0362262 Hardware UUID: e7cc0a3a-2152-2ffe-33e3-5e8f57258c1d Copyright: VyOS maintainers and contributors vyos@vyos:~$ sudo ssh-keyscan 192.168.1.100 >> ~/.ssh/known_hosts # 192.168.1.100:22 SSH-2.0-OpenSSH_8.1 # 192.168.1.100:22 SSH-2.0-OpenSSH_8.1 # 192.168.1.100:22 SSH-2.0-OpenSSH_8.1 vyos@vyos:~$ conf [edit] vyos@vyos# save scp://raphielrollerscaperers:[email protected]:/~/Documents/GitHub/vyos-backup/vyos-30032021 Saving configuration to 'scp://raphielrollerscaperers:[email protected]:/~/Documents/GitHub/vyos-backup/vyos-30032021'... #=#=- # # curl: (60) SSL peer certificate or SSH remote key was not OK More details here: https://curl.haxx.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. Error saving scp://raphielrollerscaperers:[email protected]:/~/Documents/GitHub/vyos-backup/vyos-30032021 [edit] vyos@vyos#
Comment Actions
Hi @raphielscape ,
The workaround for save command does not seem to work, have you tried for commit-archive option ?
Can you check if the keys are stored in the file ~/.ssh/known_hosts .