How To:Set Up Amanda Communication Via SSH Tunnels
This article is a part of the How Tos collection.
Amanda 2.5.0 provides ssh based authentication mechanism; see How To:Set up transport encryption with SSH. The technique in this article may still be useful for tunneling connections through restrictive firewalls, "jump hosts", and so on.
ssh tunnels
If user wants to set up ssh connection between amanda server and a specific client or use ssh for older versions of Amanda, ssh tunnel between server and client has to be created.
- Install and Configure ssh
- Check if ssh between the server and client as amanda user is working.
- Configure ssh to use DSA/RSA authentication. See ssh key generation and installation.
- Run the following command on the Amanda client, to create a ssh tunnel (stunnel command can be also used)
# ssh -L 10080:<amanda server>:<port> 'sleep 100'
<port> should be the port used by amanda to backup the client.
- Amanda uses a range of ports on the server. So, ssh tunnels to all ports will have to be created.
- If amdump starts doing backup within 100 seconds, it will use the ssh tunnel. Increase the sleep time so that backup uses the ssh tunnel.
- ssh tunnel creation should be part for backup wrapper script. See Pre-backup wrapper script section