Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Automated Backup Solution

Hello All, I am trying to set up following auto backup solution found here - https://devcentral.f5.com/wiki/iApp.Complete-F5-Automated-Backup-Solution.ashx#Description_1?NS=iApp

I have followed everything created the key as documented and I have tested from F5 CLI and I was able to SFTP and SCP without password (I selected the option backup on this f5).

However when I use the GUI and select the option SFTP or SCP it requires me to put in "Enter the SSH private key to be used for passwordless authentication" and "Set the remote directory the archive should be copied to"

So the question is for SSH private key do I get that from /root/.ssh/id_rsa ? and do I copy paste the entire key? Also for destination does it use "/" or "\".

Lastly where is log kept of this iAPP? I have looked almost everything couldnt find it?

Please help.

Thanks

1
Rate this Question
Comments on this Question
Comment made 30-Apr-2014 by mr.evil 279
I have found the logs, and what I can see in there as follows: Permission denied, please try again. Permission denied, please try again. Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
0

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

The key you are looking for should be /config/ssh/ssh_host_dsa_key

0
Comments on this Answer
Comment made 06-May-2014 by mr.evil 279
Hi Cory, I know where to find the key but how do I copy paste the content of the file in txt box as there is no way for me tell whether entire is has been uploaded there or not. Thanks
0
Comment made 06-May-2014 by Cory 3580
You can print to screen the private key using cat. cat /config/ssh/ssh_host_dsa_key
0
Comment made 06-May-2014 by mr.evil 279
Hi Cory, I have done that before I am still getting the same error.... and shouldn't it be the RSA key .... ? Anyway I have used the RSA private key which didnt work ? Any other idea? Thanks
0
Comment made 07-May-2014 by Cory 3580
I'm pretty sure the system uses the ssh_host_dsa_key for system connections. We have an external monitor that connects via SSH to pool members and runs a script, and it uses the ssh_host_dsa_key private key for authentication to the pool members. You would then load the corresponding public key (ssh_host_dsa_key.pub) on your target machine.
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I used ssh-keygen -t rsa to generate a new keypair and it is saved in /root/.ssh/id_rsa. You need to import id_rsa.pub in authorized_keys file of the receiving sftp server host in $HOME/.ssh. Make sure that you have the appropiate read rights on the receiving server to this file.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Also I used the following scripts to automate backup using SFTP and the sent an email if the upload failes. The local created backup files are automatically on the Big IP to save disk space.

!/bin/bash

DATE=date "+%m_%d_%y"

Here we create the ucs archive and append the date

tmsh save sys ucs bigip.backup.$DATE

upload SFTP to SFTP_server

cd /var/local/ucs/ sftp backupuser@SFTP_server <<End-Of-Session put "bigip.backup.$DATE.ucs" bye End-Of-Session

check if the upload has succeeded or failed. If failed mail error message

if [ $? -eq 0 ] then sleep 5 rm /var/local/ucs/bigip.backup.$DATE.ucs else ftp session failed mail -s "ftp backup file failed from BigIP" mail@mail.com < /dev/null fi

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

description #!/bin/bash DATE=date "+%m_%d_%y"

description #Here we create the ucs archive tmsh save sys ucs bigip.backup.$DATE

description #upload SFTP to SFTP_server cd /var/local/ucs/ sftp backupuser@SFTP_server <<End-Of-Session put "bigip.backup.$DATE.ucs" bye End-Of-Session

description #check if the upload has succeeded or failed. If failed mail error message

if [ $? -eq 0 ] then sleep 5 rm /var/local/ucs/bigip.backup.$DATE.ucs

else ftp session failed

  mail  -s "ftp backup file failed from bigip" mail@mail.com 
  < /dev/null

fi

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi! I just want to share a simple backup solution. Try doing this (source: http://www.linuxproblem.org/art_9.html">http://www.linuxproblem.org/art_9.html" target="_blank">http://www.linuxproblem.org/art_9.html">http://www.linuxproblem.org/art_9.html):

ssh-keygen -t rsa

Then you can give my script a try: https://github.com/rileyschuit/bash-tools/blob/master/bigip_backups.sh">https://github.com/rileyschuit/bash-tools/blob/master/bigip_backups.sh" target="_blank">https://github.com/rileyschuit/bash-tools/blob/master/bigip_backups.sh">https://github.com/rileyschuit/bash-tools/blob/master/bigip_backups.sh

Adjust the array to point to your management addresses they use the argument "setup" to copy the public keys in the right place. Adjust the target directory as well, if needed.

0
Comments on this Answer
Comment made 20-Nov-2014 by Riley Schuit
Thank the devcentral WYSIWYG for making my post super ugly....
0