automated config backups for SFTOS

James Harr james.harr at gmail.com
Thu Nov 24 01:36:57 UTC 2011


Second rancid.

If SFTOS supports per-command authorization (via RADIUS/TACACS), you can
limit the script account to only be able to use 'show run' and whatever
else it needs (even when it logs in).

That said, if you're looking for on-the-cheap, I haven't seen a free
TACACS+ server that does authorization and was stable, so you'll probably
have to compromise and give your script more permissions than it needs just
to get the job done.

On Tue, Nov 22, 2011 at 1:40 PM, Jason Biel <jason at biel-tech.com> wrote:

> Deploy RANCID?
>
> On Tue, Nov 22, 2011 at 1:35 PM, Jon Heise <jon at smugmug.com> wrote:
>
> > Does anyone know of a method of automating config backups for force10
> > switches running SFTOS ? I've got an python expect script that works on
> our
> > routers running FTOS, it uses a role account that can show the running
> > configs without having to use the enable password.  i could expand the
> > script to use the enable password but i'm hesitant to have it lying
> around
> > in a script
> >
> > Jon  Heise
> >
>
>
>
> --
> Jason
>



-- 
^[:wq^M



More information about the NANOG mailing list