[rancid] Re: Cisco ASA Backup with Preshared Keys

Dwi C Taniel dc at dwichandra.info
Mon Nov 3 17:21:47 UTC 2008 

Anyway, just to add one safer approach on Jeremy's request:

Based on  
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch1_:_Network_Backups_With_Rancid#Initial_Rancid_Configuration

I'm quoting the paragraph:
By default Rancid filters out passwords and SNMP community strings.  
You may want to set the FILTER_PWDS and NOCOMMSTR variables to "NO" to  
prevent this.

#
# Sample rancid.conf
#
LIST_OF_GROUPS="networking"
FILTER_PWDS=NO; export FILTER_PWDS
NOCOMMSTR=NO; export NOCOMMSTR

So, I think, what you need is only the FILTER_PWDS=NO; export  
FILTER_PWDS, without tempering /usr/local/rancid/bin/rancid too much ;)

Hope that helps.

Cheers,

Dwi

On 11/01/2008, "Keys, Jeremy" <Jeremy_Keys at memorial.org> wrote:

> I use rancid to backup all of my configurations, including two Cisco ASA
> 5520's.  The only problem I have run into is that when rancid backs up
> the configs on the ASA, the actual preshared keys are displayed as an
> asterisk (*) rather than the actual preshared key.
>
>
>
> Is there a way to get rancid to backup the actual config file?  I assume
> it's just doing a screen scrape (sh running-config) and capturing the
> output rather than copying the actual file.  This is fine for most
> equipment, but if I have a failure on the ASA and needed to restore the
> config, I would have to re-enter all the preshared keys (not fun with
> several hundred tunnels).
>
>
>
> Any help is greatly appreciated,
>
>
>
> Jeremy Keys
>
> jeremy_keys at memorial.org
>
>
>
>
>
>
>
> This message and accompanying documents are covered by
> the Electronic Communications Privacy Act 18
> U.S.C. "Sections 2510-2521," and contain information
> intended for the specified individual(s) only. This
> information is confidential.  If you are not the intended
> recipient or an agent responsible for delivering it to
> the intended recipient, you are hereby notified that you
> have received this document in error and that any review,
> dissemination, copying, or the taking of any action based
> on the contents of this information is strictly
> prohibited.  If you have received this communication in
> error, please notify us immediately by e-mail, and delete
> the original message.
>
>
>
>



----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

More information about the Rancid-discuss mailing list