[rancid] Re: Cisco ASA Backup with Preshared Keys
Dwi C Taniel
dc at dwichandra.info
Mon Nov 3 17:21:47 UTC 2008
Anyway, just to add one safer approach on Jeremy's request:
I'm quoting the paragraph:
By default Rancid filters out passwords and SNMP community strings.
You may want to set the FILTER_PWDS and NOCOMMSTR variables to "NO" to
# Sample rancid.conf
FILTER_PWDS=NO; export FILTER_PWDS
NOCOMMSTR=NO; export NOCOMMSTR
So, I think, what you need is only the FILTER_PWDS=NO; export
FILTER_PWDS, without tempering /usr/local/rancid/bin/rancid too much ;)
Hope that helps.
On 11/01/2008, "Keys, Jeremy" <Jeremy_Keys at memorial.org> wrote:
> I use rancid to backup all of my configurations, including two Cisco ASA
> 5520's. The only problem I have run into is that when rancid backs up
> the configs on the ASA, the actual preshared keys are displayed as an
> asterisk (*) rather than the actual preshared key.
> Is there a way to get rancid to backup the actual config file? I assume
> it's just doing a screen scrape (sh running-config) and capturing the
> output rather than copying the actual file. This is fine for most
> equipment, but if I have a failure on the ASA and needed to restore the
> config, I would have to re-enter all the preshared keys (not fun with
> several hundred tunnels).
> Any help is greatly appreciated,
> Jeremy Keys
> jeremy_keys at memorial.org
> This message and accompanying documents are covered by
> the Electronic Communications Privacy Act 18
> U.S.C. "Sections 2510-2521," and contain information
> intended for the specified individual(s) only. This
> information is confidential. If you are not the intended
> recipient or an agent responsible for delivering it to
> the intended recipient, you are hereby notified that you
> have received this document in error and that any review,
> dissemination, copying, or the taking of any action based
> on the contents of this information is strictly
> prohibited. If you have received this communication in
> error, please notify us immediately by e-mail, and delete
> the original message.
This message was sent using IMP, the Internet Messaging Program.
More information about the Rancid-discuss