[cisco-voip] cygwin as sftp server

Charles Goldsmith wokka at justfamily.org
Thu Apr 9 18:46:48 EDT 2015 

Agreed 100% and how I normally suggest.  This customer has no offsite
location for a linux box, and it would have been onsite in the same DC
as the UC gear.  They wanted to put the sftp server on their tape
media server, so that the backups would be put on tape and shipped
offsite with the rest of their backups.

Makes sense and I understand their reasoning.

On Thu, Apr 9, 2015 at 4:41 PM, Heim, Dennis <Dennis.Heim at wwt.com> wrote:
> I think the easiest option is just to deploy a Ubuntu or other Linux VM. You might have to spent 30 minutes to adjust the permissions... but I find that is easier than messing with Cygwin.
>
> Dennis Heim | Emerging Technology Architect (Collaboration)
> World Wide Technology, Inc. | +1 314-212-1814
>
>
> "Innovation happens on project squared" -- http://www.projectsquared.com
>
> Click here to join me in my Collaboration Meeting Room
>
>
>
> -----Original Message-----
> From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net] On Behalf Of Charles Goldsmith
> Sent: Thursday, April 09, 2015 5:31 PM
> To: voip puck
> Subject: [cisco-voip] cygwin as sftp server
>
> I was helping a customer out today to get their backups going on a new install and from the TAC supported choices, they chose cygwin.  It's been a few years since I've worked with it, but tested ssh/sftp to it from putty, but when trying to add a backup device in CUCM DRS, we were getting the standard failed message:
>
>  - Unable to save Backup Device successfully. Update failed : Unable to access SFTP server. Please ensure the username and password are correct.
>
> doing some debugs on the cygwin ssh, I saw that we were getting this :
>
>  - ssh_dispatch_run_fatal: no matching key exchange method found
>
> I'm no ssh expert, and even with the highest verbosity on the debugs, I couldn't figure out which one of these was the culprit, but these lines resolved it in the /etc/sshd_config
>
> KexAlgorithms diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
>
> My guess is that the latest cygwin comes with a newer version of openssh that by default, doesn't allow an older method to come from CUCM.
>
> The customer's environment is 10.5.2, and I was testing with 9.1.2 in my lab.  Both environments was using cygwin 1.7.35 and OpenSSH 6.8p1
>
> Let me know if you have any questions
> _______________________________________________
> cisco-voip mailing list
> cisco-voip at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip

More information about the cisco-voip mailing list