def download_crypto_keys(self, destination_path): """Download crypto keys and certificates""" self.logger.info("Exporting crypto information...") crypto_data = [] commands = [ "show crypto key mypubkey rsa", "show crypto ca certificates", "show crypto ca trustpool" ] for cmd in commands: output = self.execute_command(cmd) if output: crypto_data.append(f"\n{'='*60}\nCommand: {cmd}\n{'='*60}\n") crypto_data.append(output) if crypto_data: filename = os.path.join(destination_path, f"crypto_info_{self.hostname}.txt") with open(filename, 'w') as f: f.writelines(crypto_data) self.logger.info(f"Crypto info saved to: {filename}") return filename return None
This feature provides secure, automated backup capabilities for your Cisco ASA 5506-X with comprehensive logging and error handling.
try: if not downloader.connect(): sys.exit(1) # Execute requested actions if args.backup_all: backup_dir = downloader.backup_asa(args.output) print(f"\n✓ Backup completed successfully!") print(f" Location: {backup_dir}") elif args.running_config: filepath = downloader.download_running_config(args.output) if filepath: print(f"✓ Running config downloaded: {filepath}") elif args.startup_config: filepath = downloader.download_startup_config(args.output) if filepath: print(f"✓ Startup config downloaded: {filepath}") elif args.list_flash: downloader.list_flash_files() elif args.download_asdm: success = downloader.download_asdm_image(args.output) if success: print("✓ ASDM image downloaded successfully") else: print("✗ Failed to download ASDM image") elif args.download_file: local_filename = os.path.basename(args.download_file) local_path = os.path.join(args.output, local_filename) success = downloader.download_file_via_scp(args.download_file, local_path) if success: print(f"✓ File downloaded: {local_path}") else: print("✗ File download failed") else: # Default: download running config if no action specified downloader.download_running_config(args.output)
def download_file_via_scp(self, remote_path, local_path): """Download file using SCP""" try: with SCPClient(self.ssh_client.get_transport()) as scp: self.logger.info(f"Downloading {remote_path} via SCP...") scp.get(remote_path, local_path) self.logger.info(f"File saved to: {local_path}") return True except Exception as e: self.logger.error(f"SCP download failed: {str(e)}") return False cisco asa 5506-x download
args = parser.parse_args()
def backup_asa(self, destination_path): """Complete backup of ASA configuration and important files""" self.logger.info("Starting complete ASA backup...") # Create timestamped backup directory timestamp = datetime.now().strftime("%Y%m%d_%H%M%S") backup_dir = os.path.join(destination_path, f"asa_backup_{self.hostname}_{timestamp}") os.makedirs(backup_dir, exist_ok=True) backups = [] # Download configurations running_config = self.download_running_config(backup_dir) if running_config: backups.append(running_config) startup_config = self.download_startup_config(backup_dir) if startup_config: backups.append(startup_config) # Download crypto info crypto = self.download_crypto_keys(backup_dir) if crypto: backups.append(crypto) # List flash files for reference flash_list = self.list_flash_files() if flash_list: flash_file = os.path.join(backup_dir, "flash_listing.txt") with open(flash_file, 'w') as f: f.write(flash_list) backups.append(flash_file) # Create manifest file manifest = os.path.join(backup_dir, "BACKUP_MANIFEST.txt") with open(manifest, 'w') as f: f.write(f"ASA Backup created on: {datetime.now()}\n") f.write(f"Hostname: {self.hostname}\n") f.write(f"Backup files:\n") for file in backups: f.write(f" - {os.path.basename(file)}\n") self.logger.info(f"Complete backup saved to: {backup_dir}") return backup_dir
#!/usr/bin/env python3 """ Cisco ASA 5506-X File Download Utility Supports: Running config, Startup config, ASDM image, AnyConnect packages """ import paramiko import os import sys import logging from scp import SCPClient import argparse from datetime import datetime "show crypto ca certificates"
def execute_command(self, command): """Execute command on ASA and return output""" try: stdin, stdout, stderr = self.ssh_client.exec_command(command) output = stdout.read().decode('utf-8') error = stderr.read().decode('utf-8') if error: self.logger.warning(f"Command error: {error}") return output except Exception as e: self.logger.error(f"Command execution failed: {str(e)}") return None
class CiscoASADownloader: def (self, hostname, username, password, port=22): self.hostname = hostname self.username = username self.password = password self.port = port self.ssh_client = None self.setup_logging()
# Initialize downloader downloader = CiscoASADownloader(args.host, args.username, args.password, args.port) f"crypto_info_{self.hostname}.txt") with open(filename
# Action arguments parser.add_argument('--backup-all', action='store_true', help='Complete backup') parser.add_argument('--running-config', action='store_true', help='Download running config only') parser.add_argument('--startup-config', action='store_true', help='Download startup config only') parser.add_argument('--list-flash', action='store_true', help='List flash files') parser.add_argument('--download-asdm', action='store_true', help='Download ASDM image') parser.add_argument('--download-file', help='Download specific file from flash')
def disconnect(self): """Close SSH connection""" if self.ssh_client: self.ssh_client.close() self.logger.info("SSH connection closed") def main(): parser = argparse.ArgumentParser(description='Cisco ASA 5506-X Download Utility') parser.add_argument('--host', required=True, help='ASA hostname or IP address') parser.add_argument('--username', required=True, help='SSH username') parser.add_argument('--password', required=True, help='SSH password') parser.add_argument('--port', type=int, default=22, help='SSH port (default: 22)') parser.add_argument('--output', default='./asa_backups', help='Output directory')
def connect(self): """Establish SSH connection to ASA""" try: self.ssh_client = paramiko.SSHClient() self.ssh_client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) self.logger.info(f"Connecting to {self.hostname}...") self.ssh_client.connect( hostname=self.hostname, port=self.port, username=self.username, password=self.password, timeout=30, allow_agent=False, look_for_keys=False ) self.logger.info("SSH connection established") return True except Exception as e: self.logger.error(f"Connection failed: {str(e)}") return False
def download_startup_config(self, destination_path): """Download startup configuration""" self.logger.info("Downloading startup configuration...") config = self.execute_command("show startup-config") if config: filename = os.path.join(destination_path, f"startup_config_{self.hostname}.cfg") with open(filename, 'w') as f: f.write(config) self.logger.info(f"Startup config saved to: {filename}") return filename return None