Before backing up the configuration, you need to arrange a way to transfer the backup off-box. This could be via an NFS share, a Samba (Windows) share to USB storage or copied off-box via the network. If backing up directly to off-box storage, make sure it is mounted.
/tmp is not a good location for the backup except as a temporary location before transferring it off-box. The /tmp directory will not survive a reboot. The /etc/config directory is not a good place either, as it will not survive a restore.
Backup and restore should be done by the root user to ensure correct file permissions are set. The config command is used to create a backup tarball:
config -e OutputFile
The tarball will be saved to the indicated location. It will contain the contents of the /etc/config/ directory in an uncompressed and unencrypted form. For example:
- for nfs storage:
# mount -t nfs 192.168.0.2:/backups /mnt
# config -e /mnt/cm4008.config
- to transfer off-box via scp:
# config -e /tmp/cm4008.config
# scp /tmp/cm4008.config 192.168.0.2:/backups
The config command is also used to restore a backup:
config -i InputFile
This will extract the contents of the previously created backup to /tmp, and then synchronize the /etc/config directory with the copy in /tmp.
One problem that can crop up here is that there is not enough room in /tmp to extract files to. The following command will temporarily increase the size of /tmp:
mount -t tmpfs -o remount,size=2048k tmpfs /var
If restoring to either a new unit or one that has been factory defaulted, it is important to make sure that the process generating SSH keys is either stopped or completed before restoring configuration. If this is not done, then a mix of old and new keys may be put in place.
As SSH uses these keys to avoid man-in-the-middle attacks, logging in may be disrupted.
Article is closed for comments.