Cryptzone Support

If you wish to submit a support ticket please sign in to your customer portal or use the “submit a ticket” button at the top menu.
If you need to find documentation about our Sheriff Suite please login to the Hive- Click Here



Making automatic backups in AppGate Classic

« Go Back

Making automatic backups

The standard method of making backups of an AppGate system is to use the AppGate Console -> System Settings -> Backup & Restore panel. This will create a backup file of all the configuration files on the AppGate system. The only drawback is that it requires manual interaction. It is however quite easy to automate this procedure.

To make this process automatic we need the following:
  • A Shell script that can be run from cron on the AppGate system.
  • Another Unix system which supports ssh and scp to which we can copy the backup files

How to do it

If you have an AppGate cluster, you can do this on just one of the nodes in the cluster. The backup-file will normally be the same regardless on which node in the cluster it was generated.

1. Create a new directory on the AppGate. Login to the AppGate server using the AppGate Console and do a Run Commands -> Shell on AppGate. Use the "su"-command to become root and then do:
   appgate# mkdir /var/opt/appgate/local

2. Transfer the (see template script at the bottom of the page) to /var/opt/appgate/local Use the AppGate Console -> System Settings -> File transfer

     Edit the and change the relevant parameters and make it executable:

   appgate#  chmod +x /var/opt/appgate/local/

Note: If the file has passed a through a Windows machine, you must be careful about line endings. Windows tends to mess up line endings and those are important. To be sure you can clean out  potential Windows line endings as soon as the file has been transferred to the AppGate system:

   appgate# cp foo
    appgate# dos2unix < foo >

3. To do an automatic copy without manual intervention, we will use scp with Public Key as authentication method. Start by creating a pair of ssh authentication keys and move them into place.

   appgate# cd /var/opt/appgate/local
   appgate# ssh-keygen -N "" -f id_rsa -t rsa

4. Copy the public key to the host which should receive the backup files.

   appgate# scp user@backup-host:

5. On the backup host append the public key to the authorized_keys file. Check the manual on ssh for the exact name of the files, etc. on your backup host. This is an example:

   appgate# ssh backup-host -l user
    backup-host% cat >> .ssh/authorized_keys

      To test that the ssh-keys work try ssh with the Public Key authentication, your user and the command ls :

   appgate#  ssh -i /var/opt/appgate/local/id_rsa -l user backuphost ls

      If correct, it should work without any user interaction. That is without questions for passwords or any thing. You should get some output from ls only. By now you should also be able to try the script:

   appgate# ./

      It should run without errors and you should check that a backup file has been created on the backup-host.

6. Now we just need to make the script run on a regular basis. We do that by adding an entry to the crontab for the root user. We first put the current crontab into a file and then edit it:

   appgate# crontab -l root > /tmp/ct
    appgate# nano /tmp/ct

       For a backup to be created each night at 01:15 add the following line:

   15 1 * * * /var/opt/appgate/local/

       Save the file and put it into action by:

   appgate# crontab /tmp/ct


The script

Below is the template script. You need to look through it and modify the relevant parameters.


# Change KEY AND remember it!

# Change USER and BACKUPHOST to what you will use
DATE=`date '+%y%m%d'`
NODENAME=`uname -n`

/opt/APPGserv/bin/ag_backup -h $NODENAME -k $KEY \
         -t /tmp -o $BACKUPSRC
/opt/APPGserv/bin/scp -q -i $KEYFILE $BACKUPSRC \

Article Info
3/21/2017 11:24 AM
3/21/2017 1:10 PM



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255