Wednesday, October 17, 2012

My simple means to backup your ios router

How to back up a cisco  ios router with  a shell and expect script, that I would like to share. It allows for you to  use a shell script that will pull down the cfg and copy the output to your backup directory and name the file and set the date.

Doing this allows for an simple backup solution,  and away to have the means for archival data, that easy to diff. I know rancid is another solution but this is an alternative to rancid or if your not a big fan of rancid. 

 ==================SOF  shell_script===========================
date='date +%G%F%s_%h%d_%y'
Z=`date +%G%F%s_%h%d_%y`
cd /home/backupnet/$a
/usr/bin/expect /home/backupnet/expect/2nd.exp > $a.$Z
cd /home/backupnet/$b
/usr/bin/expect /home/backupnet/expect/2nd.exp > $b.$Z
  ==================EOF  shell_script===========================

and for the expect script that I call every 24hours

 ==================SOF  expect_script===========================
###  backup script to pull cfg down execute by bash script

# ---------------- configuration ---------------- #
set router [ lindex $argv 0]
set username "settheusername_here"
set password "settheusername_password here"

# -------------- do not edit below -------------- #
spawn ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -l $username $router
expect "assword:"
send "$password\n"
expect ">"
send "term leng 0\n"
expect ">"
send "enable\n"
send "$password\n"
send "\n"
expect "#"
send "show running-config\n"
expect "no cns aaa enable"
send "exit\n"

 ==================EOF  expect_script===========================


To prevent any ssh errors, I 've always  set the options to ignore the hostkey check and reference a bogus file for the knownHosts. This can pose a security risk if any thing was hijacked.

Ken Felix
Freelance Security and Network Engineer
kfelix " a t "
Cisco Certified Professional  
(coming soon )

No comments:

Post a Comment