Solved: Re: Doubts about saving/loading Gaia configuration

Franktum · ‎2023-12-19

Hi all,

I'm going to migrate a SMS from R80.40 to R81.20. I checked sk102234 and I got 2 questions about it:

What's the command set clienv on-failure continue for?
When you save the config, are the passwords stored as well?

Thanks!

Regards

_Val_ · ‎2023-12-20

Answers:

1. In a normal state, Gaia config files have extra protection from being overridden intentionally or by mistake. You can lift this protection with "on-failure" command, which allows you to load previously saved config files.

2. All local admin/expert passwords are saved as hashes, and they are included in the Gaia config file.

View solution in original post

the_rock · ‎2023-12-19

1) Its to either stop or continue loading the config when you run load config command from clish, meaning if you do continue, even if something is wrong, it would still load it...personally, I would NOT do that, as you want to make sure config is loaded correctly, unless you are 100% positive all is good. If you do stop option, then it would tell you like it stopped it, you can examine the config, fix it and then load again and so on, untill all is good (just my preference)

2) Yes

Andy

Best,
Andy
"Have a great day and if its not, change it"

Oliver_Fink · ‎2023-12-19

@the_rock wrote:

[…]

2) Yes

I would say, it depends:

If you save to Gaia DB (save config), "Yes" is correct.

If you save to file (save configuration _filename_), user credentials with hashes are saved to the file. Other credentials for external access (backups via SSH), that cannot be saved as hashes, are not saved and replaced with stars.

the_rock · ‎2023-12-19

I always found when doing load configuration command from clish with file I would save from save configuration command it would always restore all the same passwords. Though, you are 100% right that password would show as hashes, very true! Some other vendors, what people do is just delete hashes and then you log in with username if you cant recall the actual password, but not sure if that would work in CP, never tested it.

Andy

Best,
Andy
"Have a great day and if its not, change it"

Franktum · ‎2023-12-20

Oliver, what'd be the procedure to save to Gaia DB?

Oliver_Fink · ‎2024-01-15

Saving the configuration is done with "save config". Otherwise changes will be gone after reboot.

(Sorry for answering that late. I have been offline for some time…)

Lloyd_Braun · ‎2023-12-19

If I remember correctly, set clienv on-failure continue was very useful when migrating secureplatform configuration to gaia platform.

the_rock · ‎2023-12-19

I heard that before as well, never tested it myself, but it would ring logic to it, for sure.

Andy

Best,
Andy
"Have a great day and if its not, change it"

PhoneBoy · ‎2023-12-19

Without set clienv on-failure continue, the script will not be processed further if an error is encountered in processing a specific portion of the imported configuration.
This can happen for a variety of reasons.

_Val_ · ‎2023-12-20

Answers:

1. In a normal state, Gaia config files have extra protection from being overridden intentionally or by mistake. You can lift this protection with "on-failure" command, which allows you to load previously saved config files.

2. All local admin/expert passwords are saved as hashes, and they are included in the Gaia config file.

G_W_Albrecht · ‎2023-12-20

Why do you use: Doubts ? I would call it questions.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist

Are you a member of CheckMates?

Doubts about saving/loading Gaia configuration