basic questions about config backup/restore

Daniel Kreifus
Level 1

I've searched around with limited success. I've just inherited the Ironport devices in our environment and need to perform an OS upgrade of our cluster. Prior to doing so, I want to back up each member's config file. (Also, I want to do this before doing any config changes.)

If I back up each member's config to the device, how can I access/edit these config files so I can replace the masked password fields with the actual passwords?

I'm aware of the unmasked/hashed password version of the file, but we'd like to avoid that if we can.

Accepted Solutions

Bob Fayne
Level 1

The config file itself is just a text/xml file and most good text editors (vi/textpad) will handle it easily.

Even when passwords are not masked, they are always encrypted. The only way to manually insert a password would be to encrypt it and put the result back in the config file.

As long as you are choosing strong passwords (hint) it is not at all an easy task to force decrypt the hashed password string. Even if you are completely paranoid, just store the config file somewhere in an encrypted format.

Bottom line: don't mess up your "backup" by manipulating it in a way that could render it useless just when you most need it. Manual editing of config files is tricky and AFAIK not officially supported in any way.

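Added example, not part of the original thread and not Cisco code: a pre-upgrade check that leaves each saved config untouched, records a SHA-256 so later hand edits are detectable, confirms the file still parses as XML, and reports which password fields are masked. The element names, the run-of-asterisks mask and the sample documents are assumptions constructed for illustration, not the appliance's real export format.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed sample, not a real appliance export; element names are hypothetical.
SAMPLE_MASKED = b"""<?xml version="1.0"?>
<config>
  <hostname>esa1.example.test</hostname>
  <user><username>admin</username><password>*****</password></user>
  <ldap><bind_password>*****</bind_password></ldap>
</config>"""

# Same file saved with hashed (unmasked) values; the hash string is constructed.
SAMPLE_HASHED = SAMPLE_MASKED.replace(b"*****", b"$1$constructed$hashvalue")
# Simulates a hand edit that dropped a closing tag.
SAMPLE_BROKEN = SAMPLE_MASKED.replace(b"</user>", b"")


def audit_backup(data: bytes) -> dict:
    """Audit one saved config: integrity hash, XML validity, password field state."""
    report = {"sha256": hashlib.sha256(data).hexdigest(),
              "well_formed": False, "masked": [], "unmasked": [], "error": None}
    try:
        root = ET.fromstring(data)
    except ET.ParseError as exc:
        report["error"] = str(exc)  # the edited file is no longer valid XML
        return report
    report["well_formed"] = True
    for elem in root.iter():
        # Assumption: credential fields carry "password" in the tag name.
        if "password" not in elem.tag.lower():
            continue
        value = (elem.text or "").strip()
        if not value:
            continue  # empty field, nothing to classify
        # Assumption: a masked field is a run of asterisks.
        kind = "masked" if set(value) == {"*"} else "unmasked"
        report[kind].append(elem.tag)
    return report


def keeps_credentials(report: dict) -> bool:
    """True only if the file parses and no password field was masked out."""
    return report["well_formed"] and not report["masked"]


if __name__ == "__main__":
    for name, blob in [("masked", SAMPLE_MASKED), ("hashed", SAMPLE_HASHED),
                       ("broken", SAMPLE_BROKEN)]:
        r = audit_backup(blob)
        print(name, r["sha256"][:12], r["well_formed"], r["masked"],
              keeps_credentials(r))
```

Store the recorded hash apart from the backup itself and compare it again before any restore.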

2 Replies

Thanks for the feedback.