sysconf config backup

Back up the appliance configuration data, and save it to the appliance file system. There is no limit on the size of individual backup files (using Luna Appliance Software 7.8.5 or newer) or the number of backups that can be stored on the file system, other than the available space. This space is shared by other files, such as spkg and log files, so account for this when planning your backup and restore strategy.

NOTE If the configuration content is less than 64 KB, a single file is generated with a name that includes the creation date and time.

If the lunash:> sysconf config backup command detects that your configuration is more than 64 KB, then it breaks the config content into chunks, each of less than 64 KB. The backup chunk files get the same name, except that each has a sequential number appended. An additional generated file contains a hash of all the chunk files, and is used to reassemble the large backup when you later restore with lunash:> sysconf config restore (using Luna Appliance Software 7.8.5 or newer).

If desired, you can use the command sysconf config export to save the backup file to the internal HSM, or an external backup token after you create it.

NOTE This command does not backup the HSM and partition configurations. See hsm backup and partition backup for more information.

Certificates, if any, are added to the backup archive, and are restored to the trust store upon sysconf config restore.

Audit log encryption uses the same certificates, so it is important to coordinate with the audit user for any changes.

The backup file includes configuration data for the following modules and services:

CTC	Crypto Traffic Control configuration (requires Luna Appliance Software 7.8.3 or newer)
Network	Network configuration
NTLS	NTLS configuration
NTP	Network Time Protocol configuration
SNMP	SNMP configuration
SSH	SSH configuration
Syslog	Syslog configuration
System	System configuration (keys and certificates)
Users	User accounts, passwords, and files
Webserver	Webserver configuration for REST API

User Privileges

Users with the following privileges can perform this command:

>Admin

Syntax

sysconf config backup -description <comment> [-service <name>] [-factoryconfig]

Argument(s)	Shortcut	Description
-description <comment>	-d	Comment describing this backup. The description must be enclosed in double quotes if it contains spaces.
-service <name>	-s	Specifies the individual service configuration to back up. If this option is not included, all service configurations are backed up as described above. Valid Values: network, ssh, ntls, syslog, ntp, snmp, users, system, webserver, ctc Service syslog uses the same certificates as audit log encryption. This option requires Luna Appliance Software 7.8.5 or newer.
-factoryconfig	-f	Binary option.

Argument(s)

Shortcut

Description

-description <comment>

-d

Comment describing this backup. The description must be enclosed in double quotes if it contains spaces.

-service <name>

-s

Specifies the individual service configuration to back up. If this option is not included, all service configurations are backed up as described above.

Valid Values: network, ssh, ntls, syslog, ntp, snmp, users, system, webserver, ctc

Service syslog uses the same certificates as audit log encryption. This option requires Luna Appliance Software 7.8.5 or newer.

-factoryconfig

-f

Binary option.

Example (Luna Appliance Software older than 7.8.5)

lunash:>sysconf config backup -description "Configuration Backup 17-03-01"


Created configuration backup file: local_host_Config_20170301_1200.tar.gz


Command Result : 0 (Success)

Example (Luna Appliance Software 7.8.5 or newer)

With a service selected

lunash:>sysconf config backup -service ntls -d ntls

Created configuration backup file: local_host_Config_ntls_20240206_1657.tar.gz

It is recommended to export the backup file to the internal HSM, or an external backup token to mitigate the risk of data loss.


Command Result : 0 (Success)
[local_host] lunash:>sysconf config list


Configuration backup files in file system:

Size    |  File Name                                                |  Description
-----------------------------------------------------------------------------------------------------
10970   |  local_host_Config_ntls_20240206_1657.tar.gz              |  ntls

Command Result : 0 (Success)

Without a service selected

lunash:>sysconf config backup -d "all of them"

Created configuration backup file: local_host_Config_all_20240206_1657.tar.gz

It is recommended to export the backup file to the internal HSM, or an external backup token to mitigate the risk of data loss.


Command Result : 0 (Success)
[local_host] lunash:>sysconf config list


Configuration backup files in file system:

Size    |  File Name                                                |  Description
-----------------------------------------------------------------------------------------------------
10970   |  local_host_Config_ntls_20240206_1657.tar.gz              |  ntls
62972   |  local_host_Config_all_20240206_1657.tar.gz              |  all of them

Command Result : 0 (Success)



	SUPPORT	LEGAL
Luna Network HSM 7 Documentation © Copyright 2001-2024, Thales Group Last Updated: 2024-12-18 11:38:52 GMT-05:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information