How To:Set up transport encryption with SSH: Difference between revisions

Revision as of 18:39, 31 March 2006

To use ssh:

1. configure Amanda with --with-ssh-security, it will install dumper/amcheck non-suid.
2. set "auth ssh" in the dumptype
3. both server and client must be configured exactly the same

amanda username needs to be the same
location of amandad binaries needs to be the same
a sourceforge RFE bug to request the above restrictions configurable.

4. ssh-keygen -t rsa

 it will create ~amanda_user/.ssh/id_rsa and ~amanda_user/.ssh/id_rsa.pub
 copy ~amanda_user/.ssh/id_rsa.pub to the client machine and append it to ~amanda_user/.ssh/authorized_keys
 chmod 600 ~amanda_user/.ssh/authorized_keys

5. ssh-add

  {will prompt for the passphrase}
  {it will add the RSA identities to the authentication agent}

6. run amdump as you normally do.

Note that only the backup(i.e: amdump/amcheck ) is updated with the new security API. amrecover/amrestore has not been changed to take advantage of it, thus will not use "auth ssh".

@@ Line 3: / Line 3: @@
 . set "auth ssh" in the dumptype<br/>
 . both server and client must be configured exactly the same
-#username needs to be the same
+# amanda username needs to be the same
 # location of amandad binaries needs to be the same
 # a sourceforge RFE bug to request the above restrictions configurable.
@@ Line 15: / Line 15: @@
 . run amdump as you normally do.
-*Note that only the backup(i.e: amdump/amcheck ) is modified with the new security API. amrecover/amrestore has not been changed to take advantage of the Security API.
+*Note that only the backup(i.e: amdump/amcheck ) is updated with the new security API. amrecover/amrestore has not been changed to take advantage of it, thus will not use "auth ssh".
 <br/> <br/>

How To:Set up transport encryption with SSH: Difference between revisions

Revision as of 18:39, 31 March 2006

Navigation menu

Search