Automatic configuration backup with SCP

Whenever you activate a configuration in the Airlock Gateway configuration center, Airlock Gateway will automatically save this configuration as backup in /home/log/configuration/ The following steps describe how to setup an automatic backup of the Gateway configuration using a readonly user and scp.

Create a readonly shell user:

  1. USERNAME=log_user
  2. useradd -d /home/log/ -s /bin/bash -c "read-only console user" -K MAIL_DIR=/dev/null -G log $USERNAME
  3. passwd $USERNAME

If you want to grant access with a ssh key, the user "root" must add the public key of the login user to /home/log/.ssh/authorized_keys. Do not change the permissions of this file!

Do not use the username "log", since this username is already used for internal purpose.

Download the Configuration:

Go to your backup server and use the following command to download the current activated configuration. By adding the date to the filename, you can run the command with a script once per day without overwrite previous versions.

  • scp log_user@airlockhost:/home/log/configuration/ /<backupdir>/airlock-conf_without-keys-`date -I`.zip