Host, path, and username are correct. Remote destination permissions are correct. Correct SSH keys have been added to the remote user's ~/.ssh/authorized_keys file. Remote user's ~/.ssh/authorized_keys and ~/.ssh/ directory have 0600 and 0700 permissions, respectively.
Release : 8.2.5 and higher
As of version 8.2.5, Security Analytics offers two types of configuration backup.
Full System is a complete rebuild of the configuration. This is the same as the standard complete backup in previous versions of Security Analytics, and is applicable only to the system on which it was created for reasons of restoration or replacement. When restored to a new appliance, this backup type will overwrite the existing configuration on that appliance.
Reference Configuration contains many elements of an existing configuration beyond initial networking setup and licensing. Configuration items include users, favorites, indicators, rules, capture graphs, system health tests, and more. The focus of this backup is to speed up the setup process of additional sensors in your environment, and to recover a failed system, preserving access to previously recorded data and metadata.
On-Demand Configuration Backup
Browse to Settings > System.
Under Backup Download, select a Backup Type and click Download Local Backup.
Your browser prompts you to find location to save the file to your local system.
Automated Configuration Backup and Restore
Archive your system configuration to a remote server, with enable regularly scheduled updates of that backup, and restore your system configuration from the Web UI.
Configure an Automated Backup of your configuration:
Browse to Settings > System.
Under Backup SSH Key Management, click Generate New SSH Keys.
Copy the generated key and install it on the SSH server to which you'll be saving backups.
Consider the following as you install the keys on your SSH server:
Permissions for the remote home directory ~, ~/.ssh directory and the ~/.ssh/authorized_keys file on the remote machine must be writable only by the user: rwx------ and rwxr-xr-x are acceptable permission levels, but rwxrwx--- is not.
Permissions on the remote ~/.ssh/authorized_keys file must be set to readable (at least 400), but also writable (600) if you intend to write additional keys to that file.
Under Automated Backup Management, choose your preferred Backup Type and set the frequency for your backups.
Backup Frequency and Mandatory Backup Interval options will take effect after your initial successful backup.
Backup Frequency sets how often the system will check for updates to your configuration. If there are any, a new backup will be captured and stored on the SSH server.
Mandatory Backup Interval sets how often the system will back up the configuration even when no changes have been made.
Define your server host and path in the appropriate fields. The Remote Username field is provided for test cases where an SSH key is not shared.
Click Save to commit any pending system configuration changes.
Click Backup Now to create your first backup.
From that moment forward, additional backups are performed based on your frequency and interval settings.
To restore your configuration, click Choose File to browse your system or network for the appropriate configuration file.
Note: Backup files may only be restored to the same version of Security Analytics and the same model of hardware. You may only restore a CMC backup on a CMC, and a Sensor backup on a Sensor. Attempting to do otherwise will fail, resulting in an error message on this screen.