10-21-2013 05:02 AM
Hi !
Following this thread (https://supportforums.cisco.com/thread/2066895), I established a daily automatic backup of my configuration file to a remote server (via SSH and SCP).
My problem is the following: how can I delete sent files on my ESA appliance?
I saw ways to do it via FTP, but I don't want to open FTP on my appliance...
I'm running AsyncOS 7.6.3 on ESA C370.
Thank you for your help !
Best Regards
Quentin
Labels: Email Security
Accepted Solutions
10-23-2013 11:27 AM
The command "help" lists all the available CLI commands (although it does not list "ls", and you can't issue the "ls" command from a CLI PuTTY session, but for some reason you can using plink). There is no command to delete files. The shell is severely locked down for good security reasons. File management is handled automatically by the system (like log file rollover).
10-21-2013 07:50 AM
Hi Quentin,
This is from official Cisco documentation https://www.cisco.com/en/US/docs/security/esa/esa7.6/ESA_7.6_AdvancedGuide.pdf
• If you need to access the appliance for the purposes of uploading or downloading configuration files, you must enable FTP or Telnet on an interface.
• You can also upload or download files using secure copy (scp).
Since SCP is probably not going to work, as per this thread:
https://supportforums.cisco.com/thread/2146510
and Telnet is not something you would use, the only option left is FTP.
Regards
Mariusz
10-22-2013 01:52 AM
Hi !
My point isn't to download configuration files (I already did this, and SCP is going well ^^); my point is to delete configuration files, and I'm searching for a way to do this via the CLI, SSH or SCP.
I found that it is possible to enter Linux commands via SSH (like "ls" for example), but if I try "rm" the prompt says "You do not have access to the rm command"...
So I'm searching for a command to delete files via the CLI or via SSH...
Thank you for your help !
Best regards
Quentin
10-25-2013 07:21 AM
Thank you for your answer.
I did a little test by generating 1800 conf files (~5 years) and waiting 24 hours: there is no "rollover", but the total size is around 400 MB, so it's not such a big deal.
I will come back soon with new questions.
10-30-2013 07:27 AM
You can log in with your admin or service account and type this command: rm -rf /file.
It will delete the file.
10-30-2013 07:46 AM
Not 100% correct. Customer does not have the ability to run 'rm -rf/' on the CLI of the appliance. Nor do they have service account access.
If you needed to remove a saved configuration (.XML) from the appliance, the one customer-accessible way would be via FTP:
ftp> cd configuration
250 CWD command successful.
ftp> ls
227 Entering Passive Mode (XXX,YY,XX,YY,XXX,YYY)
150 Opening ASCII mode data connection for file list
drwxrwx--- 2 root config 512 Feb 26 2013 iccm
-rw-rw---- 1 admin config 1117 Feb 26 2013 profanity.txt
-rw-rw---- 1 admin config 90 Feb 26 2013 proprietary_content.txt
-rw-rw---- 1 admin config 2119 Feb 26 2013 sexual_content.txt
-rw-rw---- 1 admin config 26619 Feb 26 2013 ASYNCOS-MAIL-MIB.txt
-rw-rw---- 1 admin config 1287 Feb 26 2013 IRONPORT-SMI.txt
drwxrwx--- 2 root config 512 Jul 24 12:18 logos
-rw-rw---- 1 admin config 48 Sep 5 17:00 slbl-782BCB647CF3-DFZP9S1-20130905T210043.csv
-rw-rw---- 1 admin config 167649 Oct 30 10:45 X1070-782BCB647CF3-DFZP9S1-20131030T104500.xml
ftp> del X1070-782BCB647CF3-DFZP9S1-20131030T104500.xml
250 DELE command successful.
-Robert
Robert Sherwin
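
The FTP deletion shown in the session above can be scripted with a retention policy. This is an added example, not code from the thread or from Cisco: the function names, the host and credential parameters and the retention values are hypothetical, and it assumes FTP is enabled on the interface and that saved configurations follow the file naming seen in the listings in this thread.

```python
import re
from datetime import datetime, timedelta
from ftplib import FTP

# Saved configs are named <model>-<serial>-<YYYYMMDD>T<HHMMSS>[-<version>].xml,
# as in the directory listings in this thread (assumed to hold in general).
CONFIG_RE = re.compile(r"^[A-Za-z]\d+-.+-(\d{8}T\d{6})(?:-[\d.]+-\d+)?\.xml$")


def select_expired(names, now, keep_days=30, keep_min=3):
    """Return config names older than keep_days, always sparing the keep_min newest."""
    dated = []
    for name in names:
        m = CONFIG_RE.match(name)
        if m:  # MIBs, DTDs, dictionaries and slbl CSVs never match, so are never touched
            dated.append((datetime.strptime(m.group(1), "%Y%m%dT%H%M%S"), name))
    dated.sort(reverse=True)  # newest first
    cutoff = now - timedelta(days=keep_days)
    return [name for ts, name in dated[keep_min:] if ts < cutoff]


def prune(host, user, password, dry_run=True, **policy):
    """Select expired configs in /configuration over FTP; delete them unless dry_run."""
    with FTP(host, timeout=30) as ftp:
        ftp.login(user, password)
        ftp.cwd("configuration")
        expired = select_expired(ftp.nlst(), datetime.now(), **policy)
        if not dry_run:
            for name in expired:
                ftp.delete(name)  # sends DELE, as in the session above
    return expired
```

`prune()` defaults to a dry run, so the returned list can be reviewed before anything is deleted. FTP carries the admin password in cleartext, so the service is best bound to a management interface only.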

10-30-2013 07:46 AM
Ravi,
I apologize but unless you are talking about Customer Support Engineers and their service account (via remote access), the information you provided could not be validated by me, at least.
Please see below:
> saveconfig yes
File written on machine "esalab.cisco.com" to the location "/configuration/C150-serial-20131030T121815.xml".
Configuration saved.
esalab.cisco.com> rm /configuration/C150-serial-20131030T121815.xml
Unknown command or missing feature key: rm
esalab.cisco.com> rm -rf /configuration/C150-serial-20131030T121815.xml
Unknown command or missing feature key: rm
esalab.cisco.com>
or via SSH:
$ ssh -l admin 10.97.14.35 rm -rf /configuration/C150-serial-20131030T121815.xml
You do not have access to the rm command.
vdacosta-mac:~ vdacosta$
You can do ls though:
$ ssh -l admin 10.97.14.35 ls /configuration
-rw-rw---- 1 admin config 15712 Jan 31 2012 ASYNCOS-MAIL-MIB.txt
-rw-rw---- 1 admin config 62203 Jun 27 17:27 C150-serial-20130627T172739.xml
-rw-rw---- 1 admin config 64024 Jul 19 03:08 C150-serial-20130719T060855-7.5.1-102.xml
-rw-rw---- 1 admin config 81769 Aug 21 11:26 C150-serial-20130821T112655-7.6.2-014.xml
-rw-rw---- 1 admin config 170695 Oct 30 12:18 C150-serial-20131030T121815.xml
-rw-rw---- 1 admin config 972 Jan 31 2012 IRONPORT-SMI.txt
-rw-rw---- 1 admin config 47 Aug 19 16:03 backup1.txt
-r--r--r-- 1 root wheel 382127 Oct 24 14:57 cluster_config.dtd
-r--r--r-- 1 root wheel 381654 Sep 20 09:52 config.dtd
-rw-rw---- 1 admin config 6200 Sep 27 00:25 export.fdl
drwxrwx--- 2 root config 512 Jan 31 2012 iccm
drwxrwx--- 2 admin config 512 Jun 27 10:25 logos
-rw-rw---- 1 admin config 1117 Jan 31 2012 profanity.txt
-rw-rw---- 1 admin config 90 Jan 31 2012 proprietary_content.txt
vdacosta-mac:~ vdacosta$
###
The options I see are:
a) Use FTP
b) Open a TAC ticket and ask the Engineer to remove the files for you
c) Open a TAC case and file a feature request.
How do I file a Feature Request or ask for a change in system behaviour?
Knowledge Base Answer ID: 1438
http://tools.cisco.com/squish/5E452
=============================================
I hope this helps.
-Valter
