[c-nsp] How to easily and securely pull configuration from aPIX/ASA

Church, Charles cchurc05 at harris.com
Wed Dec 5 10:46:53 EST 2007


What if you enable SCP server on the ASA, and then pull it via SCP get?

Chuck

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Marc Haber
Sent: Wednesday, December 05, 2007 10:23 AM
To: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] How to easily and securely pull configuration from
aPIX/ASA


On Wed, Dec 05, 2007 at 03:14:01PM +0000, William wrote:
> Try sshing to the box and once you are enabled run 'more
> system:running-config'
> 
> This way you will see preshared keys for vpns which are normally
> starred out when you do a wr t.

Actually, I do not care about seeing the keys, I care about pulling
the configuration from the box in an automated, secure way with least
possible privileges.

Greetings
Marc

-- 
------------------------------------------------------------------------
-----
Marc Haber         | "I don't trust Computers. They | Mailadresse im
Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621
72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 3221
2323190
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


More information about the cisco-nsp mailing list