Automating Cisco IOS Config Backups using Plink [closed]

have a look at Rancid ( open source) , see summary below from Shubbery Networks website

RANCID monitors a router's (or more generally a device's) configuration, including software and hardware (cards, serial numbers, etc) and uses CVS (Concurrent Version System) or Subversion to maintain history of changes.

RANCID does this by the very simple process summarized here:

• login to each device in the router table (router.db),
• run various commands to get the information that will be saved,
• cook the output; re-format, remove oscillating or incrementing data,
• email any differences (sample) from the previous collection to a mail list,
• and finally commit those changes to the revision control system

If your only running windows then Kiwi CatTools, depending on your network size as the free version is limited to 20 devices.

Another way would be to use IOS's built-in kron facility, quickly stole this from a show running-config from one of my routers:

kron occurrence config-backup at 13:00 recurring
 policy-list config-backup

kron policy-list config-backup
 cli show running-config | redirect ftp://username:[email protected]/router1.confg

If you are just looking for a tool to automate configuration backups from IOS devices, maybe the archive feature in IOS is what you are looking for.

Next is a configuration sample to backup running configuration to an FTP server once a day (1440 minutes) and every time save running config to startup:

archive
  path ftp://username:password@serveraddress/switchname
  write-memory
  time-period 1440
  exit

Of course, you need to have an FTP, TFTP or similar server running in your network and reachable from the management interface of the devices.

When I need an script with Plink, I run use the followed command.

plink.exe -ssh -pw <PWD> -noagent -m commands.txt -batch <USR>@<IP>

Here an example script

For automatic config backup, I would recommend you to use the archive feature or Rancid.

Your problem is that you're trying to use plink.exe for interactive prompts (i.e. to recognize when the router asks for an enable password), but plink.exe was never intended to do that... all plink.exe can do is send some commands to an ssh server without understanding anything about prompts or errors that the router will throw.

The most reasonable way for you to solve this problem is to create a username that can login directly at Cisco IOS priv level 15, and only put this in command.txt:

show runn

Having a username that logs in directly at priv 15 removes the necessity for you to have to interact with a Cisco IOS prompt.

The final solution will not look very different than what you are doing now...

plink.exe -ssh -2 -l <a-user-w-priv-15> -pw <some-password> 192.168.1.1 -batch -m command.txt

I wrote something to do config versioning called Project Illuminati - https://github.com/Olipro/Project-Illuminati

Works happily under Windows or Linux, it'll execute arbitrary commands over SSH (therby making it usable with just about any platform that has SSH) and dump the file into whatever path you deem appropriate, all versioned within a Git repo.

If you want it to run at scheduled interviews, just use cron under Linux or Scheduled Tasks under windows.

I had the same idea of automatically backing up the switches.

I use SSH with public key authentication and then copy the running config (or the startup config) via scp:

    scp ${sw_username}@${sw_ip}:startup-config $CONFDIR/$sw_name.conf