Ok, now I’ve only tested this with routers running IOS – it may be a little different with Catalyst switches, since they store their config on flash, rather than nvram. On the other hand, it may be exactly the same, since we’re retrieving running-config, not startup-config.
First, you need to ensure that ssh and scp have been enabled. I strongly recommend that you run ssh version 2.
ip ssh version 2 ip scp server enable
Then, on your PC:
scp user@router-hostname:system:running-config .
You should then have a file called “running-config” in that directory. Pretty simple…
If you want to grab the startup-config instead of the running-config, try:
scp user@router-hostname:nvram:startup-config .
By using RSA keys to eliminate the password prompt at login, this method could be expanded to form the basis of an automated config backup. I know that various apps already exist, but a lot of them retrieve the config via “expect” scripts, basically executing a “show run” and capturing the output.
Another method of retrieving the config is via SNMP, however unless you’re using SNMP v3 with encryption, this method is potentially insecure.