Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Autobackup of Router Config file using SSH key

Autobackup of Router Config file using SSH key 3 years 7 months ago #38324

  • khandesha
  • khandesha's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
Taking cisco router Config-file backup from Linux machine using private and public rsa-ssh-key for password less authentication .

!!! This is live tested example !!!

Step 1:
root@test# ssh-keygen -t rsa
root@test# it will ask to you for rsa ssh key name and where to save this rsa ssh key the give the destination path,
if you want to save at specific location or if you press enter then it will save at root home directory bydefualt.

root@test# give how many bit to be create ssh key i.e. 2048

Creating ssh key ok….
Now rsa 2048 key has been created.

Step 2:
root@test# more rsa_sshtest.pub
root@test# then copy that all ssh key into notepad.
root@test# exit

Step3:

Log into cisco router which is you want to take backup of config file for every day.
And run the following commands on the router.

Telnet or ssh login 1.1.1.1 ( type username and password)

Type enable password.
R1# conf t
R1(config)#aaa new-model
R1(config)#aaa authentication login MVPN local
R1(config)#aaa authorization exec default local
R1(config)#aaa authorization network MVPN local
R1(config)#username backup pri 15 sec ( passowrd)
R1(config)#ip ssh pubkey-chain
R1(config)#username backup
R1(config)#key-string
R1(config)#(user-data)# past the rsa ssh pub key which is generated
on linux machine.
R1(config)#(user-data)#exit
R1(config)#exit > enter


Step5:

To take backup of any cisco device please run Commands on linux machines.
Command to be executing on the machine as below.
Commands :- scp - i /home/backup/rsa_testkey backup@1.1.1.1:nvram:startup-config

Notice:

Please use rsa 2048 bit ssh key for more security.
The administrator has disabled public write access.

Re: Autobackup of Router Config file using SSH key 3 years 5 months ago #38395

  • dintid
  • dintid's Avatar
  • Offline
  • New Member
  • Posts: 2
  • Thank you received: 1
  • Karma: 0
Can recommend setting up Rancid from www.shrubbery.net/rancid/ with postfix and cvs.
Automatically keeps versioncontrol and backup + emails you/your Group if any changes are made to the config.
I set mine up with cvsweb as frontend for easy versionbrowsing. See Attached.
Attachments:
The administrator has disabled public write access.
Time to create page: 0.075 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup