Batch deployment of DSA key (SSH) and schedule backup with export

From MikroTik Wiki
Jump to navigation Jump to search

Use SSH to execute commands (DSA key login) shows you how to create a DSA key file.

Make a file on your *nix host with the following content. Name the file "distr_key.sh" 

#!/bin/sh

scp id_dsa.pub admin@$1:.
ssh admin@$1 "user ssh-keys import public-key-file=id_dsa.pub user=admin"
echo "$1 " >> node_list

$1 in this script is the first argument passed from command line with the script. It should be a hostname or a ip adresse. 

sh distr_key.sh 192.168.10.1

(make this file executible with "chmod 755 distr_key.sh" to avoid execute the shell with parametre)

You will be prompted for the admin password twice, once for the file transfer and once for the import dsa-key command. When the script ends it will apply the hostname or ip adresse to a new file called "node_list". This file will be used later on for the backup/export script.

Now you create a new file on your *nix host with the following content. Call the file "backup.sh" 

#!/bin/sh

dato=`date +%y%m%d`
liste=`cat node_list`

echo Starting backup

for node in $liste ; do
  echo Backing up $node
  ssh admin@$node export > $dato\_$node
done;

echo Finished

ls -l $dato*

Run the script file from command line with 

sh backup.sh

or make the backup file executible with chmod like above.

Now the script read the node_list file and execute a ssh session to the mikrotik, run the export command and save the content to a file named with the date and the node name or node ip adresse. When the script ends it executes a file listing that shows you the backed up files. 

admin@server:~/backup$ ./backup.sh
Starting backup
Backing up 192.168.10.1
Backing up 192.168.10.90
Backing up 192.168.10.95
Backing up 192.168.10.96
Backing up 192.168.10.97
Backing up 192.168.10.60
Backing up 192.168.10.70
Backing up 192.168.10.91
Finished
-rw-r--r-- 1 admin admin 37516 108-05-21 20:00 080521_192.168.10.1
-rw-r--r-- 1 admin admin 16560 108-05-21 20:00 080521_192.168.10.60
-rw-r--r-- 1 admin admin 15469 108-05-21 20:00 080521_192.168.10.70
-rw-r--r-- 1 admin admin 20965 108-05-21 20:00 080521_192.168.10.90
-rw-r--r-- 1 admin admin 18512 108-05-21 20:00 080521_192.168.10.91
-rw-r--r-- 1 admin admin 18142 108-05-21 20:00 080521_192.168.10.95
-rw-r--r-- 1 admin admin 15135 108-05-21 20:00 080521_192.168.10.96
-rw-r--r-- 1 admin admin 15428 108-05-21 20:00 080521_192.168.10.97
admin@server:~/backup$

Simple, but it should be effective. Of course if you want, expand the scripts with more error checking and maybe a directory for every node instead of all in the same directory.

And finaly put it into a cron job and execute it once every night.

Retrieved from "https://wiki.mikrotik.com/index.php?title=Batch_deployment_of_DSA_key_(SSH)_and_schedule_backup_with_export&oldid=28298"