Troubleshooting: Configuration Sync Issues from Director to Branch

This article describes how to troubleshoot configuration sync issued between Director and Branch.

Sometimes, you will not be able to sync the Director configuration with the branch and will get the following error on the Director UI.

Remote Server Exception view details malformed-message : Failed to authenticate towards device GIMEC-LAB-CPE2: Bad private SSH key for local/remote user arun.c/admin

This error state will not allow you to commit any changes to the Branch device.

This issue is caused by one of the two following causes

  1. Host IP moves from one device to another and the Director updates the keys of old IPs and tries to authenticate using the same keys. This authentication fails as the IPs are already configured in another host.
  2. The appliance is missing the Versa Director Keys

To fix the issue, we have two steps that need to be followed

Step 1: Execute the shell command  
sudo /opt/versa/vnms/scripts/push_keys_to_device.sh <IP-Address> <device-password> 

This shell command pushes the key from the Versa Director to the affected Branch.

admin@DIRECTOR:~$ sudo /opt/versa/vnms/scripts/push_keys_to_device.sh 10.3.64.229 ****** [sudo] password for admin: Warning: Permanently added '10.3.64.229' (ECDSA) to the list of known hosts. 0 0 admin@DIRECTOR:~$
Step 2: Run the CLI command
request devices fetch-ssh-host-keys device <device-name>

This command, fetches the Key form the Branch Device using Versa Director.

Administrator@Director-New> request devices fetch-ssh-host-keys device Branch-2 fetch-result { device Branch-2 result unchanged fingerprint { algorithm ssh-dss value 2a:5c:1b:d1:4c:31:cd:37:35:a7:27:25:be:dd:f3:b7 } }

Once these steps are done, you will be able to sync the configuration between the Director and Branch and commit any changes via the Versa Director.

Summary

In this article, we saw what causes the sync issue between Director and Branch configuration and how to fix it by updating the Host IP address and keys.