NSX SFTP Backup stops working after upgrade to NSX 6.3.*

I am in a process of upgrading NSX 6.2.4 by a customer in three locations deployed using VVD Deployment Toolkit. The NSX Upgrade itself went really smoothly. However, after the upgrade, we noticed that SFTP backup stopped working with an enigmatic error.

1
Unable to connect to server FQDN at 22. Either server details are invalid or invalid credentials are presented.( Common algorithms not found. )
NSX Backup Stopped working After checking credentials and SFTP backup destination server I found that with NSX 6.3.0 SFTP supports following backup ciphers:
1
2
3
Encryption: aes128-cbc, aes128-ctr, aes192-cbc, aes192-ctr, aes256-cbc, aes256-ctr
Message Authentication(mac): hmac-sha2-256
Key Exchanges: diffie-hellman-group-exchange-sha256

https://docs.vmware.com/en/VMware-NSX-for-vSphere/6.3/rn/releasenotes_nsx_vsphere_630.html

To fix the issue sshd config must be adjusted:

  1. Edit the ssh_config.
  2. sshd_config keywords Cipher and MACs need to be updated with the correct Cipher and MAC algorithms.For example:
1
Ciphers aes128-cbc,aes128-ctr,aes192-cbc,aes192-ctr,aes256-cbc,aes256-ctr MACs hmac-sha2-256

Once config change is done, restart ssh deamon and backup will start to work again.

All rights reserved © Wojciech Marusiak
Last updated on 23 Oct, 2017 08:33 ETC
Built with Hugo
Theme Stack designed by Jimmy