Wednesday, November 29, 2017

Is there a way to encrypt the UN/PW in the "archive path" command on a Cisco device?

I'm trying to implement configuration archives / configuration rollback on Cisco devices using SCP. As it stands, using the "archive path scp://username:password@SCP_IP/Directory/" command, it goes directly into the config with the full command and it does not hide the username or password. Service password-encryption does not work in this case.

All the documentation I've seen just talks about how to pass UN/PW in a single command (like above) or how to set up a local account for SCP, but not if it's possible to hide the username/password in this particular instance.

Bonus question: if you store all configuration backups in the same directory, would the switch know which one to pull out of the directory or would it just pull a random one? I'll be testing this tomorrow, but just wanted to see if I could get a comment. :)

Thanks!



No comments:

Post a Comment