Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Andreas_Aust
Collaborator

scp scheduled backup on 1200R

I can't believe that there is no option to make a scheduled backup to a scp server from a 1200R device R77.20.80. Is there a backup script or something like that ? Every answer is highly appreciated.

0 Kudos
14 Replies
_Val_
Admin
Admin

moved to the appropriate board

0 Kudos
funkylicious
Advisor

Hi,

Backing up the System In the Device > System Operations page you can backup and restore system settings.

Only to a FTP server is available and not SSH/SCP/SFTP.

0 Kudos
Andreas_Aust
Collaborator

FTP is such a secure protocol. Password is transmitted in plain text and I have only a scp server available.

0 Kudos
funkylicious
Advisor

Do it locally and create a script to move it.

0 Kudos
_Val_
Admin
Admin

@funkylicious 

They're is just one small problem with that: local backups are not scheduled by design.

0 Kudos

What about this command ?

[Expert@CPFW-2]# /pfrm2.0/bin/backup.sh
Usage: backup.sh [-hv] [-t tftp] or [-s SCP] [ipaddress] [filename] | [username] [password]

... and crontab it at whatever time you need...

0 Kudos
Andreas_Aust
Collaborator

I tried that command but in vain.

0 Kudos

Well, you may try to run backup from GUI and see what command it is running.

0 Kudos
Andreas_Aust
Collaborator

Which gui do you mean. WebUI or SmartProvisioning?

0 Kudos
_Val_
Admin
Admin

Unfortunately, out of the box it is the only option. There are several ways to make it more secure:

1. Backup to an internal server in a trusted zone

2. If backing up remotely, do it over VPN tunnel

3. Use password-protected encrypted backup

0 Kudos
John_Fleming
Advisor

You can for sure make this work, but it will take a little to make it happen. There was one issue where / wasn't owned by root:root but by some random PID. Most likely something in the build process of the image was dorked up. ls -ld / will confirm. Anyway that will stop ssh key auth from working.

Then you need to stick ssh key on the system. I think its /.ssh that they need to go in. Can't remember for sure.

2nd you need to create your cronjobs by hand.

3rd some of this junk will need to be coded to start at boot up.

I did a write up a while back on how to enable cron and stuff from userScript. You maybe not need to enable cron anymore. Just check the steps before. 

BTW all the automatic backups still create the files local. 

Enable cron 

Keep in mind that firmware upgrade resets crontab and you need to re-do it again. Best is to add command to userScript as this is preserved between the upgrades.

0 Kudos
John_Fleming
Advisor

yes, everything needs to be done in userScript. Even installing ssh keys and changing ownership of / (if that is still needed).

0 Kudos
Andreas_Aust
Collaborator

Hi guys,

I solved it wit cprid_util commands from the mgmt. Thanks for your support.

 

0 Kudos