archive with SCP

Answered Question
Jul 30th, 2007
User Badges:

Hi all,

I have been using automatic archive configurations with TFTP and it works great. However, I'd like to switch to SCP as the file transfer mechanism to improve security on the router and for the file server. I have a test router configured with:


path scp://user:[email protected]/file

time-period 5

This should automatically archive every five minutes with the specified username and password. However, it does not automatically archive, but I can manually archive by typing archive config. I visually watch the router successfully log in to the SCP server and put the file in the correct directory. Is SCP not supported for automatic archive or am I missing something?


Correct Answer by Joe Clarke about 9 years 9 months ago

Hmmm, interesting. You might try "no archive" then re-enable archiving again. If that doesn't work, a reload would be in order.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Joe Clarke Mon, 07/30/2007 - 12:59
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

It's working for me. What version of IOS are you running? What is the output of show archive?

sweigle Mon, 07/30/2007 - 13:41
User Badges:

Here is the show archive:

sho archive

The next archive file will be named scp://user:[email protected]/rtr01-11

Archive # Name

0 tftp://host/rtr01-15

1 scp://user:[email protected]/rtr01-1

2 scp://user:[email protected]/rtr012

3 scp://user:[email protected]/rtr01-3

4 scp://user:[email protected]/rtr01-4

5 scp://user:[email protected]/rtr01-5

6 scp://user:[email protected]/rtr01-6

7 scp://user:[email protected]/rtr01-7

8 scp://user:[email protected]/rtr01-8

9 scp://user:[email protected]/rtr01-9

10 scp://user:[email protected]/rtr01-10 <- Most Recent

11 tftp://host/rtr01-11

12 tftp://host/rtr01-12

13 tftp://host/rtr01-13

14 tftp://host/rtr01-14


All of the above SCP archives were performed manually.

Here is my configuration:


path scp://user:[email protected]/rtr01

time-period 5


sweigle Mon, 07/30/2007 - 13:45
User Badges:

Hi again,

Is is what the output looks like when I perform archive manually:

rtr01#archive config

Writing rtr01-11


This is a private computer system. This computer system, including all

related equipment, networks, and network devices (specifically including

Internet access) are provided only for authorized use. This computer system

may be monitored for all lawful purposes, including to ensure that its use

is authorized, for management of the system, to facilitate protection against

unauthorized access, and to verify security procedures, survivability, and

operational security. Monitoring includes active attacks by authorized entities

to test or verify the security of this system. During monitoring, information

may be examined, recorded, copied and used for authorized purposes. All

information, including personal information, placed or sent over this system

may be monitored.

Use of this computer system, authorized or unauthorized, constitutes consent

to monitoring of this system. Unauthorized use may subject you to criminal

prosecution. Evidence of unauthorized use collected during monitoring may be

used for administrative, criminal, or other adverse action. Use of this system

constitutes consent to monitoring for these purposes.



The file is written in the correct archive directory.


sweigle Wed, 08/01/2007 - 07:14
User Badges:

I have some more information. The router appears to be not reset its timing of archive. For example, if I originally put 1440 minutes and then change it to 5 minutes. The router does not begin archiving at 5 minutes until after the 1440 time limit. Is there a way to manually reset the archive countdown?

Correct Answer
Joe Clarke Wed, 08/01/2007 - 07:44
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

Hmmm, interesting. You might try "no archive" then re-enable archiving again. If that doesn't work, a reload would be in order.

sweigle Wed, 08/01/2007 - 08:47
User Badges:

thanks! I have tried it on the 3560G platform with c3560-ipbasek9-mz.122-25.SEE3.bin IOS. I experienced the same problem with SCP. Doing a no archive and adding the archive information does appear to work. I'll continue testing today.

Joe Clarke Fri, 01/07/2011 - 08:37
User Badges:
  • Cisco Employee,
  • Hall of Fame,

    Founding Member

I tested this on 15.1, and I looked through the code, and the password limit appears to be 31 characters. Please start a new thread for your issue and include the specifics about your device and config.


This Discussion