Hello All, I am trying to set up following auto backup solution found here - https://devcentral.f5.com/wiki/iApp.Complete-F5-Automated-Backup-Solution.ashxDescription_1?NS=iApp
I have followed everything created the key as documented and I have tested from F5 CLI and I was able to SFTP and SCP without password (I selected the option backup on this f5).
However when I use the GUI and select the option SFTP or SCP it requires me to put in "Enter the SSH private key to be used for passwordless authentication" and "Set the remote directory the archive should be copied to"
So the question is for SSH private key do I get that from /root/.ssh/id_rsa ? and do I copy paste the entire key? Also for destination does it use "/" or "\".
Lastly where is log kept of this iAPP? I have looked almost everything couldnt find it?
I used ssh-keygen -t rsa to generate a new keypair and it is saved in /root/.ssh/id_rsa. You need to import id_rsa.pub in authorized_keys file of the receiving sftp server host in $HOME/.ssh. Make sure that you have the appropiate read rights on the receiving server to this file.
Also I used the following scripts to automate backup using SFTP and the sent an email if the upload failes. The local created backup files are automatically on the Big IP to save disk space.!/bin/bash
Here we create the ucs archive and append the date
tmsh save sys ucs bigip.backup.$DATEupload SFTP to SFTP_server
cd /var/local/ucs/ sftp backupuser@SFTP_server <check if the upload has succeeded or failed. If failed mail error message
if [ $? -eq 0 ] then sleep 5 rm /var/local/ucs/bigip.backup.$DATE.ucs else ftp session failed mail -s "ftp backup file failed from BigIP" email@example.com < /dev/null fi
description !/bin/bash DATE=
description Here we create the ucs archive tmsh save sys ucs bigip.backup.$DATE
description upload SFTP to SFTP_server cd /var/local/ucs/ sftp backupuser@SFTP_server <
description check if the upload has succeeded or failed. If failed mail error message
if [ $? -eq 0 ] then sleep 5 rm /var/local/ucs/bigip.backup.$DATE.ucs
else ftp session failed
mail -s "ftp backup file failed from bigip" firstname.lastname@example.org < /dev/null
ssh-keygen -t rsa
Then you can give my script a try: ">https://github.com/rileyschuit/bash-tools/blob/master/bigip_backups.sh" target="_blank">">https://github.com/rileyschuit/bash-tools/blob/master/bigip_backups.sh
Adjust the array to point to your management addresses they use the argument "setup" to copy the public keys in the right place. Adjust the target directory as well, if needed.