Identity Broker SFTP Configuration failure on VCF Fleet Management 9.0 with error LCMVMSP10035 Handshake Error
Article ID: 424696

Products

VCF Operations

Issue/Introduction

Configuring SFTP in VCF Fleet Management for Identity Broker fails with error LCMVMSP10035: "failed to connect to SSH server: ssh: handshake failed".

SFTP configuration is successful for VCFA and other components such as NSX and VCSA.

SSH from the VIDB appliance to the SFTP server is successful when tested with `ssh -vvv username@sftpserverfqdn/ip`

Configuration backup fails with error "platform-vmsp-platform-sftp: failed to connect to SSH server. ssh: handshake failed. ssh: unable to authenticate. attempted methods [none password], no supported methods remain"

 

Environment

Identity Broker

VCF Fleet Management 9.x

VCF Operations 9.x

Cause

The issue is caused by an incorrect password in the VIDB appliance secret configuration.

Resolution

Verify the existing SFTP configuration on the VIDB appliance and validate that the password is correct.

  • Log in to the Identity Broker appliance node (SSH) as the `vmware-system-user` user
  • Switch to root by running `sudo -i`
  • Export the KUBECONFIG environment variable with
    export KUBECONFIG=/etc/kubernetes/admin.conf
  • List the current SFTP configuration
    kubectl get pd vmsp-platform -n vmsp-platform -ojsonpath="{.spec.values.sftp}"
    kubectl get secret sftp-password-secret -n vmsp-platform -ojson | jq -r '.data | map_values(@base64d)'

If the sftpPassword is incorrect on the VIDB appliance, update the password using the command below:

  • kubectl create secret generic sftp-password-secret -n vmsp-platform --from-literal='sftpPassword=<password>' --dry-run=client -o yaml | kubectl apply -f -
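
The `jq` command above prints the decoded password to the terminal, and `--from-literal` leaves the new password in shell history and the process list. The script below is an added example, not part of the original article: it compares a typed password with the stored `sftpPassword` by SHA-256 digest and, on mismatch, updates the secret from stdin. The function names are hypothetical, and it assumes `sha256sum` and `base64` are available on the appliance.

```shell
#!/bin/sh
# Added example (not from the KB article). Run as root on the Identity Broker
# node after: export KUBECONFIG=/etc/kubernetes/admin.conf
# Assumes sha256sum and base64 are present on the appliance.
NS=vmsp-platform
SECRET=sftp-password-secret
KEY=sftpPassword

# Print the SHA-256 of the stored password; return 2 if it cannot be read.
stored_digest() {
  enc=$(kubectl get secret "$SECRET" -n "$NS" -o "jsonpath={.data.$KEY}") || return 2
  [ -n "$enc" ] || return 2
  printf '%s' "$enc" | base64 -d | sha256sum | cut -d' ' -f1
}

# Candidate password on stdin. 0 = matches, 1 = differs, 2 = secret unreadable.
sftp_password_matches() {
  candidate=$(sha256sum | cut -d' ' -f1)
  stored=$(stored_digest) || return 2
  [ "$candidate" = "$stored" ]
}

# New password on stdin, so it never appears in argv or shell history.
update_sftp_password() {
  kubectl create secret generic "$SECRET" -n "$NS" \
    --from-file="$KEY=/dev/stdin" --dry-run=client -o yaml | kubectl apply -f -
}

# Interactive flow: prompt without echo, compare, update only on mismatch.
main() {
  printf 'SFTP password: ' >&2
  stty -echo; IFS= read -r pw; stty echo; echo >&2
  rc=0
  printf '%s' "$pw" | sftp_password_matches || rc=$?
  case $rc in
    0) echo "Secret already holds this password." ;;
    1) echo "Mismatch, updating $SECRET."; printf '%s' "$pw" | update_sftp_password ;;
    *) echo "Could not read $SECRET in $NS." >&2; return 2 ;;
  esac
}

if [ "${1:-}" = "--run" ]; then main; fi
```

Save it to a file and run it with `--run` to get the interactive prompt; without that argument it only defines the functions.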

Additional Information

VCFA SFTP Configuration failure on VCF Fleet Management – LCMVMSP10035 Handshake Error

Unable to configure SFTP backups after username and password change in Fleet Manager