After upgrade to FortiOS 7.2.5 trying to restore configuration using SCP returns 501-Permission Denied.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi @dosbre
You can restore the configuration using the SCP.
What file name are you giving when trying to restore?
It should be fgt-restore-config.
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
Hi, @pgautam
The command is used in a script, so the user has ssh-public-key1 configured. Trying to restore using password authentication works, but with configured keys it returns 501-Permission Denied. Althorught login with SSH keys still works.
$ scp -v backup.conf <IP_FGT>:fgt-restore-config
...
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:6MS1v/a5+7rPjY9cM6Cd6AkiwzDx9R4wfj+3uXF/5tU /home/<USER>/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 535
debug1: Authentication succeeded (publickey).
Authenticated to <IP_FGT> ([IP_FGT]:22).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00@openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending command: scp -v -t fgt-restore-config
501-Permission Denied
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug1: channel 0: free: client-session, nchannels 1
debug1: fd 0 clearing O_NONBLOCK
debug1: fd 1 clearing O_NONBLOCK
debug1: fd 2 clearing O_NONBLOCK
Transferred: sent 3504, received 1976 bytes, in 0.1 seconds
Bytes per second: sent 57751.3, received 32567.5
debug1: Exit status 0
Thanks for helping
Hi @dosbre
A quick search over the Internet shows that this is a Linux side issue ("501-Permission Denied" message):
https://www.linuxquestions.org/questions/linux-software-2/scp-problem-after-a-debian-upgrade-squeeze...
https://community.fortinet.com/t5/Support-Forum/scp-problem-after-a-debian-upgrade-squeeze/m-p/13546...
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
Hi,
Just tried using PuTTY's pscp and got the same error. It seems it's a Windows site issue too. The only change was the FortiOS version, the script and SSH keys are the same.
Althorught, restore still works using password authentication:
$ scp -o PubkeyAuthentication=no <backup-config> <user>@<IP_FGT>:fgt-restore-config
Thanks.
Hello,
I'm having exactly the same problem. Up to version 6.4.11 it worked correctly, and the only change was the update to version 7.2.5.
Regards
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1548 | |
1032 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.