- Posts: 1
- Thank you received: 0
Autobackup of Router Config file using SSH key
11 years 6 months ago #38324
by khandesha
Autobackup of Router Config file using SSH key was created by khandesha
Taking cisco router Config-file backup from Linux machine using private and public rsa-ssh-key for password less authentication .
!!! This is live tested example !!!
Step 1:
root@test# ssh-keygen -t rsa
root@test# it will ask to you for rsa ssh key name and where to save this rsa ssh key the give the destination path,
if you want to save at specific location or if you press enter then it will save at root home directory bydefualt.
root@test# give how many bit to be create ssh key i.e. 2048
Creating ssh key ok….
Now rsa 2048 key has been created.
Step 2:
root@test# more rsa_sshtest.pub
root@test# then copy that all ssh key into notepad.
root@test# exit
Step3:
Log into cisco router which is you want to take backup of config file for every day.
And run the following commands on the router.
Telnet or ssh login 1.1.1.1 ( type username and password)
Type enable password.
R1# conf t
R1(config)#aaa new-model
R1(config)#aaa authentication login MVPN local
R1(config)#aaa authorization exec default local
R1(config)#aaa authorization network MVPN local
R1(config)#username backup pri 15 sec ( passowrd)
R1(config)#ip ssh pubkey-chain
R1(config)#username backup
R1(config)#key-string
R1(config)#(user-data)# past the rsa ssh pub key which is generated
on linux machine.
R1(config)#(user-data)#exit
R1(config)#exit > enter
Step5:
To take backup of any cisco device please run Commands on linux machines.
Command to be executing on the machine as below.
Commands :- scp - i /home/backup/rsa_testkey backup@1.1.1.1:nvram:startup-config
Notice:
Please use rsa 2048 bit ssh key for more security.
!!! This is live tested example !!!
Step 1:
root@test# ssh-keygen -t rsa
root@test# it will ask to you for rsa ssh key name and where to save this rsa ssh key the give the destination path,
if you want to save at specific location or if you press enter then it will save at root home directory bydefualt.
root@test# give how many bit to be create ssh key i.e. 2048
Creating ssh key ok….
Now rsa 2048 key has been created.
Step 2:
root@test# more rsa_sshtest.pub
root@test# then copy that all ssh key into notepad.
root@test# exit
Step3:
Log into cisco router which is you want to take backup of config file for every day.
And run the following commands on the router.
Telnet or ssh login 1.1.1.1 ( type username and password)
Type enable password.
R1# conf t
R1(config)#aaa new-model
R1(config)#aaa authentication login MVPN local
R1(config)#aaa authorization exec default local
R1(config)#aaa authorization network MVPN local
R1(config)#username backup pri 15 sec ( passowrd)
R1(config)#ip ssh pubkey-chain
R1(config)#username backup
R1(config)#key-string
R1(config)#(user-data)# past the rsa ssh pub key which is generated
on linux machine.
R1(config)#(user-data)#exit
R1(config)#exit > enter
Step5:
To take backup of any cisco device please run Commands on linux machines.
Command to be executing on the machine as below.
Commands :- scp - i /home/backup/rsa_testkey backup@1.1.1.1:nvram:startup-config
Notice:
Please use rsa 2048 bit ssh key for more security.
11 years 4 months ago #38395
by dintid
Replied by dintid on topic Re: Autobackup of Router Config file using SSH key
Can recommend setting up Rancid from
www.shrubbery.net/rancid/
with postfix and cvs.
Automatically keeps versioncontrol and backup + emails you/your Group if any changes are made to the config.
I set mine up with cvsweb as frontend for easy versionbrowsing. See Attached.
Automatically keeps versioncontrol and backup + emails you/your Group if any changes are made to the config.
I set mine up with cvsweb as frontend for easy versionbrowsing. See Attached.
Attachments:
Time to create page: 0.117 seconds