Introduction
This document describes the process used to copy a configuration or text file to a router that does not have any file transfer access.
Problem
The best way to copy a configuration/license or any kind of text file to a router is to use file transfer protocols like FTP/TFTP/SCP/HTTP, however there are scenarios when usage of the protocols are not possible or prohibited.
Solution
Method 1: Using IOS.sh "terminal shell".
This method utilizes IOS.sh feature, that has been available in Cisco IOS/IOS-XE for quite long.
The overall idea is to create a shell function that would print the necessary data. Then we redirect the output to a file.
Below are two examples.
Example #1 - suitable for multi-line (short lines) content:
Router#terminal shell
Router#function MY_FILE1() {
{..} >echo """-----BEGIN CERTIFICATE-----
DblQuotTkn>MxSDSDCCAxygAwIBAgIJAL4ojZsLoCbyMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
DblQuotTkn>BBYTAlVTMRowGAYDVQQKDBFDaXNjbyBTeXN0ZW1zIEluYzEWMBQGA1UECwwNc2R3
DblQuotTkn>-----END CERTIFICATE-----"""
{..} >}
Router#MY_FILE1 > testfile.txt
Router#more testfile.txt
-----BEGIN CERTIFICATE-----
MxSDSDCCAxygAwIBAgIJAL4ojZsLoCbyMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BBYTAlVTMRowGAYDVQQKDBFDaXNjbyBTeXN0ZW1zIEluYzEWMBQGA1UECwwNc2R3
-----END CERTIFICATE-----
Note: should you need to put a double quote or backslash characters in the text - it needs to be preceded with backslash.
Example #2 - works well for lines longer than 250 characters:
Router#terminal shell
Router#function MY_FILE2() {
{..} >printf '-----BEGIN CERTIFICATE-----'
{..} >printf 'MxSDSDCCAxygAwIBAgIJAL4ojZsLoCbyMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV'
{..} >printf 'BBYTAlVTMRowGAYDVQQKDBFDaXNjbyBTeXN0ZW1zIEluYzEWMBQGA1UECwwNc2R3'
{..} >printf 'YW5fYXV0b3BvZDElMCMGA1UEAwwcc2lnbi5zZHdhbl9hdXRvcG9kLmNpc2NvLmNv'
{..} >printf '-----END CERTIFICATE-----'
{..} >}
Router#MY_FILE2 > testfile2.txt
Router#more testfile2.txt
-----BEGIN CERTIFICATE-----MxSDSDCCAxygAwIBAgIJAL4ojZsLoCbyMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNVBBYTAlVTMRowGAYDVQQKDBFDaXNjbyBTeXN0ZW1zIEluYzEWMBQGA1UECwwNc2R3YW5fYXV0b3BvZDElMCMGA1UEAwwcc2lnbi5zZHdhbl9hdXRvcG9kLmNpc2NvLmNv-----END CERTIFICATE-----
Please find more details on the feature - https://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/116208-configure-i...
Method 2: Using TCL.
The methods is well documented in the article https://www.cisco.com/c/en/us/support/docs/ip/telnet/116214-technote-technology-00.html .
Router#tclsh
Router(tcl)#puts [open "bootflash:file.txt" w+] {
+>**put all the line here one by one**
+>}
Router(tcl)#tclquit
However in newer versions (17.3+) TCL is disabled in controller-mode, so extra steps are required.
See more details in the internal article https://techzone.cisco.com/t5/Other-Core-Architecture/Copy-Files-to-a-Router-without-File-Transfer-A...
Method 3: Using Linux Shell.
This method works with Cisco IOS-XE only.
The major challenge with the method is to gain linux shell access since it is highly restricted (means it cannot be done without TAC assistance). Also one can accidentally jeopardize the functioning of the system, thus the method is not safe (and not recommended).
See the process to access linux shell with consent token - https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/ios-xml/ios/fund...
Once the shell access is gained, the steps are:
[Router:/]$ cat > /bootflash/my_file.txt
-----BEGIN CERTIFICATE-----
MxSDSDCCAxygAwIBAgIJAL4ojZsLoCbyMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BBYTAlVTMRowGAYDVQQKDBFDaXNjbyBTeXN0ZW1zIEluYzEWMBQGA1UECwwNc2R3
-----END CERTIFICATE-----
^Z
[1]+ Stopped cat > /bootflash/my_file.txt
[Router:/]$
[Router:/]$ exit
Router#more bootflash:my_file.txt
-----BEGIN CERTIFICATE-----
MxSDSDCCAxygAwIBAgIJAL4ojZsLoCbyMA0GCSqGSIb3DQEBCwUAMGgxCzAJBgNV
BBYTAlVTMRowGAYDVQQKDBFDaXNjbyBTeXN0ZW1zIEluYzEWMBQGA1UECwwNc2R3
-----END CERTIFICATE-----
With the method one could also use any other linux commands or available text editors (like vim).
