Wireless Access

Reply
Frequent Contributor I

Secure transfer config archival? Or only tftp/ftp?

On the Aruba controller, is there a secure method for transfering configuration files to an archive server, or is only ftp + tftp available in that direction?  I notice that I can use scp, but it seems only for copying files to the controller.

 

Also - can I pass the password in the command with user:pass rather than waiting for the prompt?

 

If not - can I scp directly to the controller and grab files from flash?  Or is there some other automated way to archive backups of the config that would use enctypted transfer?  scp, ftp over ssl...

 

**I see this can be done manually in the GUI, but I'm looking to write a shell script to log into the box via ssh and run the commands.

 

Thanks!

Guru Elite

Re: Secure transfer config archival? Or only tftp/ftp?

You can do this:

 

copy flash: filename scp: <ip address> username filename

But, the password is always interactive, so you cannot embed it into a script.  you have to use a language like expect...

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I

Re: Secure transfer config archival? Or only tftp/ftp?

I will do that!  Thanks!

Frequent Contributor I

Re: Secure transfer config archival? Or only tftp/ftp?

copy flash: flashbackup.tar.gz scp: 1.1.1.1 backupuser %DateISO%-%DeviceName%-flashbackup.tar.gz

 

That works, but my filename on my scp server ends up being literally: "%DateISO%-%DeviceName%-flashbackup.tar.gz"

 

Is that the proper date/hostname syntax?

Guru Elite

Re: Secure transfer config archival? Or only tftp/ftp?

It does not support variables in the command.  You will probably have to rename after, unfortunately...

 

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Guru Elite

Re: Secure transfer config archival? Or only tftp/ftp?

Actually, can't your expect script translate that before it is submitted?

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Frequent Contributor I

Re: Secure transfer config archival? Or only tftp/ftp?

Haha - yeah.  Sorry, I'm a noob.

Frequent Contributor I

Re: Secure transfer config archival? Or only tftp/ftp?

I got it working using an expect script.  It's ugly for now.  I will clean it up later, but:

 

#!/usr/bin/expect

#get local server ipaddr (it's dhcp)
spawn ifconfig eth0
expect -re {inet addr:(\S+)}
set ipaddr $expect_out(1,string)
expect eof

set systemtime [clock seconds]
set now [clock format $systemtime -format %m-%d-%y-%H-%M-%S]
set transfer "copy flash: flashbackup.tar.gz scp: $ipaddr backupuser $now.hostname-flashbackup.tar.gz"

#ssh to controller
spawn ssh user@1.1.1.1

#backup to flash on controller
expect {
"(hostname) #" {send "backup flash\r"}
}

#scp transfer flash backup to local server
expect {
"(hostname) #" {send "$transfer\r"}
}

#scp password
expect {
"Password:" {send "tHePaSsWoRd\r"}
}

sleep 10

# exit
expect {
"(hostname) #" {send "exit\r"}
}

 

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: