Difference between revisions of "Batch deployment of DSA key (SSH) and schedule backup with export"

From MikroTik Wiki
Jump to: navigation, search
m
 
(11 intermediate revisions by one other user not shown)
Line 1: Line 1:
Pasting in script and information very soon.  
+
[[Use SSH to execute commands (DSA key login)]] shows you how to create a DSA key file.  
  
Use this
+
Make a file on your *nix host with the following content. Name the file "distr_key.sh"
  
<pre>%ssh-keygen -t dsa</pre>
+
<pre>#!/bin/sh
  
This creates a DSA key pair that is compatible with Mikrotik.
+
scp id_dsa.pub admin@$1:.
 +
ssh admin@$1 "user ssh-keys import public-key-file=id_dsa.pub user=admin"
 +
echo "$1 " >> node_list
 +
</pre>
  
<pre>here comes script one</pre>
+
$1 in this script is the first argument passed from command line with the script. It should be a hostname or a ip adresse.
  
yeah and more text.
+
<pre>sh distr_key.sh 192.168.10.1</pre> (make this file executible with "chmod 755 distr_key.sh" to avoid execute the shell with parametre)
even more text
 
  
<pre>here comes script two</pre>
+
You will be prompted for the admin password twice, once for the file transfer and once for the import dsa-key command. When the script ends it will apply the hostname or ip adresse to a new file called "node_list". This file will be used later on for the backup/export script.
  
more text
+
Now you create a new file on your *nix host with the following content. Call the file "backup.sh"
 +
 
 +
<pre>
 +
#!/bin/sh
 +
 
 +
dato=`date +%y%m%d`
 +
liste=`cat node_list`
 +
 
 +
echo Starting backup
 +
 
 +
for node in $liste ; do
 +
  echo Backing up $node
 +
  ssh admin@$node export > $dato\_$node
 +
done;
 +
 
 +
echo Finished
 +
 
 +
ls -l $dato*
 +
</pre>
 +
 
 +
Run the script file from command line with
 +
<pre>sh backup.sh</pre> or make the backup file executible with chmod like above.
 +
 
 +
Now the script read the node_list file and execute a ssh session to the mikrotik, run the export command and save the content to a file named with the date and the node name or node ip adresse. When the script ends it executes a file listing that shows you the backed up files.
 +
 
 +
<pre>
 +
admin@server:~/backup$ ./backup.sh
 +
Starting backup
 +
Backing up 192.168.10.1
 +
Backing up 192.168.10.90
 +
Backing up 192.168.10.95
 +
Backing up 192.168.10.96
 +
Backing up 192.168.10.97
 +
Backing up 192.168.10.60
 +
Backing up 192.168.10.70
 +
Backing up 192.168.10.91
 +
Finished
 +
-rw-r--r-- 1 admin admin 37516 108-05-21 20:00 080521_192.168.10.1
 +
-rw-r--r-- 1 admin admin 16560 108-05-21 20:00 080521_192.168.10.60
 +
-rw-r--r-- 1 admin admin 15469 108-05-21 20:00 080521_192.168.10.70
 +
-rw-r--r-- 1 admin admin 20965 108-05-21 20:00 080521_192.168.10.90
 +
-rw-r--r-- 1 admin admin 18512 108-05-21 20:00 080521_192.168.10.91
 +
-rw-r--r-- 1 admin admin 18142 108-05-21 20:00 080521_192.168.10.95
 +
-rw-r--r-- 1 admin admin 15135 108-05-21 20:00 080521_192.168.10.96
 +
-rw-r--r-- 1 admin admin 15428 108-05-21 20:00 080521_192.168.10.97
 +
admin@server:~/backup$
 +
</pre>
 +
 
 +
Simple, but it should be effective. Of course if you want, expand the scripts with more error checking and maybe a directory for every node instead of all in the same directory.
 +
 
 +
And finaly put it into a cron job and execute it once every night.

Latest revision as of 13:01, 1 April 2016

Use SSH to execute commands (DSA key login) shows you how to create a DSA key file.

Make a file on your *nix host with the following content. Name the file "distr_key.sh"

#!/bin/sh

scp id_dsa.pub admin@$1:.
ssh admin@$1 "user ssh-keys import public-key-file=id_dsa.pub user=admin"
echo "$1 " >> node_list

$1 in this script is the first argument passed from command line with the script. It should be a hostname or a ip adresse.

sh distr_key.sh 192.168.10.1
(make this file executible with "chmod 755 distr_key.sh" to avoid execute the shell with parametre)

You will be prompted for the admin password twice, once for the file transfer and once for the import dsa-key command. When the script ends it will apply the hostname or ip adresse to a new file called "node_list". This file will be used later on for the backup/export script.

Now you create a new file on your *nix host with the following content. Call the file "backup.sh"

#!/bin/sh

dato=`date +%y%m%d`
liste=`cat node_list`

echo Starting backup

for node in $liste ; do
  echo Backing up $node
  ssh admin@$node export > $dato\_$node
done;

echo Finished

ls -l $dato*

Run the script file from command line with

sh backup.sh
or make the backup file executible with chmod like above.

Now the script read the node_list file and execute a ssh session to the mikrotik, run the export command and save the content to a file named with the date and the node name or node ip adresse. When the script ends it executes a file listing that shows you the backed up files.

admin@server:~/backup$ ./backup.sh
Starting backup
Backing up 192.168.10.1
Backing up 192.168.10.90
Backing up 192.168.10.95
Backing up 192.168.10.96
Backing up 192.168.10.97
Backing up 192.168.10.60
Backing up 192.168.10.70
Backing up 192.168.10.91
Finished
-rw-r--r-- 1 admin admin 37516 108-05-21 20:00 080521_192.168.10.1
-rw-r--r-- 1 admin admin 16560 108-05-21 20:00 080521_192.168.10.60
-rw-r--r-- 1 admin admin 15469 108-05-21 20:00 080521_192.168.10.70
-rw-r--r-- 1 admin admin 20965 108-05-21 20:00 080521_192.168.10.90
-rw-r--r-- 1 admin admin 18512 108-05-21 20:00 080521_192.168.10.91
-rw-r--r-- 1 admin admin 18142 108-05-21 20:00 080521_192.168.10.95
-rw-r--r-- 1 admin admin 15135 108-05-21 20:00 080521_192.168.10.96
-rw-r--r-- 1 admin admin 15428 108-05-21 20:00 080521_192.168.10.97
admin@server:~/backup$

Simple, but it should be effective. Of course if you want, expand the scripts with more error checking and maybe a directory for every node instead of all in the same directory.

And finaly put it into a cron job and execute it once every night.