Network Configuration Manager backup fails with errors while using SSH

Document ID : KB000004200
Last Modified Date : 22/10/2018
Show Technical Document Details
Issue:

Using SSH to backup configurations in Network Configuration Manager fails with the following errors:

"SPC-OCC-10750: Unknown failure"

SPC-NCM-20007: Capture Running Script Returned Error [255]: "make_path" is not exported by the File::Path module "remove_tree" is not exported by the File::Path module

In the NCMServ.out we can see "java.io.EOFException: SSHSCP1: premature EOF"

Environment:
Spectrum 9.4.x
Spectrum 10.0
Spectrum 10.1
Spectrum 10.2
Spectrum 10.3
Cause:

In the past, Spectrum Network Configuration Manager relied on Mindterm Libraries for SSH/SCP implementation. There are inherent issues with this API which is causing these failures randomly for some devices.

Resolution:

Engineering is aware of this issue and a fix is included in Spectrum r10.2.1. After upgrading to Spectrum 10.2.1 you will then need to make the following change to the NCM configuration:

Open the <SPECROOT>/NCM/config.xml file.

 

Change the below code:

<ssh-library type="java.lang.String">mindterm</ssh-library>

    <jsch-read-datawait type="java.lang.Integer">5</jsch-read-datawait>    

    <debugging type="java.lang.String">off</debugging>

    <diff-largefile type="java.lang.String">on</diff-largefile>

 

To this:

 

<ssh-library type="java.lang.String">jsch</ssh-library>

    <jsch-read-datawait type="java.lang.Integer">5</jsch-read-datawait>    

    <debugging type="java.lang.String">off</debugging>

 

    <diff-largefile type="java.lang.String">on</diff-largefile>

 

After that is complete, please restart the NCMservices for the changes to take effect.

Additional Information:
Please note: 

OpenSSH is not supported in Windows OS environments. Due to windows socket Architecture, file descriptors used by secure shell are not stable. Therefore be aware of any out of Box scripts of custom scripts being used for SSH communication through NCM Device Families. The scripts cannot use OpenSSH perl modules. 

Instead, look for scripts that "USE Net::SSH::Expect" modules, such as the OOB Cisco NX OS scripts.