Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
0 Kudos

Config Backup via SSH

Submitted by -
Status: New Idea

Hi it would be nice, if a config-backup via SSH could be implemented, so that one can simply run

 

ssh ubnt@edgeswitch 'show running-config" > file_on_local_machine.bck

 

Best regards,

C5

Comments
by
on ‎09-14-2017 06:40 AM

You already can.

 

ssh-copy-id to the EdgeRouter, then scp /config/* to whereever you want to back it up to.

 

PRoblem is, the SSH keys are NOT saved after a reboot/upgrade and you have to re-do the ssh-copy-id to the EdgeRouter if it's rebooted.

 

https://community.ubnt.com/t5/EdgeMAX-Feature-Requests/EdgeRouter-SSH-keys-save-after-reboot-upgrade...

by
on ‎09-14-2017 07:10 AM

This request is for an EdgeSwitch, not an EdgeRouter.  The two are completly different.

 

On the ES, view access to the running configuration is a privileged operation requiring an interactive escalation to an 'enable' prompt making a non-interactive operation such as is requested difficult or even not possible.

by
Friday

Not to detract from the suggestion (a more direct backup would be appreciated), this is currently achievable without interaction - it just requires a workaround.  I use ruby with net-ssh to automate config backups and for our Edgeswitches I simply pre-fix something like "enable\n#{@enable_pw}" - works pretty well.

 

Being able to use SSH in a consistent manner for all EdgeMax devices would be appreciated though - particularly coupled with SSH key suppport so we can stop using plain text passwords.

by
Monday

Such a solution is not removing the interaction - it is simply automating it from the client side.  Similar may be done using 'expect' or similar functionaity avaiable with/for most RTEs in use today.  Jsh is commonly used for this in a more-secure fashion.

 

Tools such as rancid do similar.  That doesn't solve the simple case of a non-interactive copy