[c-nsp] Hiding SCP Password Using Archive Feature
Richard Clayton
sledge121 at gmail.com
Sat Apr 29 09:47:59 EDT 2023
Hi Guys
What I'm trying to achieve:
1. Every time an engineer runs the write-memory command, a copy of the
running config is sent to my SCP server.
2. Every 7 days, a copy of the running config is sent to my SCP server.
3. The password in configuration is not shown in clear text.
It's just #3 that I hope there is a fix for.
Here is an example of my config.
archive
path scp://
user:password at 1.2.3.4/CUSTOMERS/CUSTOMER1/CUSTOMER-LONDON6-ETH1.cfg
write-memory
time-period 10080
Because the password part of the SCP config is not an IOS recognised
password I don't appear to be able to encrypt it. If that's the case is
there a secure fudge, like somehow referencing a local username that does
have password encryption.
I'm not looking for server based solutions like SolarWinds etc.
Thanks
Rick
More information about the cisco-nsp
mailing list