/opt/tomcat/logs/rsaweb-log.log
DEBUG [ajp-nio-8009-exec-3] RKMALogger.doLog(330) | com.rsa.appliance.web.NewBackupController.configureBackup(NewBackupController.java:133) : Enter method configureBackup
DEBUG [ajp-nio-8009-exec-3] RKMALogger.doLog(330) | com.rsa.appliance.web.NewBackupHandler.configureBackup(NewBackupHandler.java:93) : Enter method configureBackup
DEBUG [ajp-nio-8009-exec-3] RKMALogger.doLog(330) | com.rsa.appliance.service.impl.NewBackupServiceImpl.configureBackup(NewBackupServiceImpl.java:63) : Enter method configureBackup
ALL [ajp-nio-8009-exec-3] AuditServiceImpl.audit(109) | [CONFIGURE_BACKUP] User rkmaadmin has configured backup on bkpuser@10.10.10.10 INFO [ajp-nio-8009-exec-3] RKMALogger.sysLog(372) | [CONFIGURE_BACKUP] User rkmaadmin has configured backup on bkpuser@10.10.10.10
ERROR [ajp-nio-8009-exec-3] RKMALogger.doLog(330) | com.rsa.appliance.web.NewBackupController.configureBackup(NewBackupController.java:149) : Error while configuring backup
/opt/appliance/logs/rkma-system.log
2014-05-29 09:11:10,441 ERROR - error.backup.configuration.remote.host.unreachable
backup.log
Configuring backup ... Started
Cleanup ... Started
Unmounting mount point ... Started
Unmounting mount point ... Done
Removing backup SSH keys ... Started
Removing backup SSH keys ... Done
Cleanup ... Done
Create SSH key ... Started
Create SSH key ... Done
Copy SSH public key to the remote host ... Started
Remote host IP validation ... Done
Copy SSH Public Key to Remote Server /root/.ssh/backupSSHKey.pub dir <hostname>
Failed to copy SSH public key to the remote host [ERROR CODE: 110 ]
Deleting backup work folder ...
remote backup user in a chroot environment, as according to SSHFS wiki https://wiki.archlinux.org/index.php/sshfs) this is how you do it secure.
Current backup configuration process:
- SSH key created on the appliance
- SSH key copied to remote server using SCP
- Local mount point is created
- Remote backup folder mounted using SSH key
- GPG key created
- Backup folder created in mounted folder
- Backup retention policy file created and copied in mounted folder
Since the user is restricted in doing ONLY internal-sftp, copying the SSH key file using SCP fails.
Workaround:
1. On the remote backup server, create the .ssh folder with proper permissions
mkdir .ssh; chown bkpuser:bkpuser .ssh; chmod 700 .ssh
2. On the appliance
sshfs bkpuser@10.101.65.148: /tmp/mount
umask 077
cat /root/.ssh/backupSSHKey.pub >> /tmp/mount/.ssh/authorized_keys
umount /tmp/mount
3. Edit the file /opt/rsa/setup/sh/backup/IncrementalBackupOperations.sh in the method configureBackup to comment those lines:
#Unmount mount point and remove Backup SSH keys
#cleanup
#Create Backup SSH Key:
#createSSHKey $SSH_KEY_FILE
#exitOnError $? "Error in creating backup SSH key"
#Copy SSH Public Key To Remote Location:
#copySSHPulicKeyToRemoteLocation $REMOTE_HOST_IP $REMOTE_HOST_USERNAME $SSH_KEY_FILE "$REMOTE_HOST_PASSWORD"
#exitOnError $? "Error in copying backup SSH key to remote location"
4. Configure the backups as normal via the appliance console
Related Articles
RSA Smart Card Middleware 3.6 PKCS 11 Developer Guide Number of Views OpenSSL Vulnerability in RSA Authentication Manager 8.1 & 7.1 CVE-2015-3197 and CVE-2016-0701 - False Positive Number of Views PAM Agent Solaris 10 sshd allows SecurID challenged user with blank Unix password access without challenge Number of Views How to retrieve ECDH public key data after R_CR_key_exchange_phase_1() Number of Views RSA Authentication Manager 8.x Linux Kernel Vulnerability (CVE-2017-2636) - False Positive Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
