Due in part to a recent change in one of our environments, the direct connect option we had to automatically back up certain Cisco devices is no longer a viable option.
I am in the process of creating, or rather, attempting to create a custom script that would allow me to SSH to my firewall and then SSH to the Cisco device and execute show running-config to get the output of our Cisco device saved into a text file. While this would be a rudimentary fix since it would still have the output of the initial SSH session and the like it's still better than having to manually back up the devices
I have a few concerns about this however and I'm looking for some assistance on making this both functional and secure
My script is essentially
Direct Connect via SSH to Firewall
ssh username@router
password
show running-config
I'm concerned about saving passwords in custom scripts. I have my terminal page size set to 0 so there are no line breaks when I do show running-config. Is there a way I can reference passwords from a secure location like a,password manager or encrypted file rather than have to save them directly into Cattools List of Commands to be entered?
Any and all assistance on this is greatly appreciated.
Thank you