Selective encryption of exported configuration?

The configuration in the CDB can be exported to a text file by use of confd_load -l.

Is it possible to selectively encrypt portions (CDB subtrees) of this output so that they are opaque? We don’t want to hide them, because we want the full configuration to be exported. But we do not want certain portions of the configuration to be human-readable. It would be useful if we could mark certain portions of the configuration, in the yang model, as opaque so that they will still be part of the configuration when it is exported to text, but not something that a human would be able to discern the contents.

What you have described isn’t supported. You can always post process the saved file.

1 Like