How To:Set up transport encryption with SSH

From wiki.zmanda.com
Revision as of 18:39, 31 March 2006 by Ktill (talk | contribs)
Jump to navigation Jump to search
  • To use ssh:

1. configure Amanda with --with-ssh-security, it will install dumper/amcheck non-suid.
2. set "auth ssh" in the dumptype
3. both server and client must be configured exactly the same

  1. amanda username needs to be the same
  2. location of amandad binaries needs to be the same
  3. a sourceforge RFE bug to request the above restrictions configurable.

4. ssh-keygen -t rsa 

 it will create ~amanda_user/.ssh/id_rsa and ~amanda_user/.ssh/id_rsa.pub
 copy ~amanda_user/.ssh/id_rsa.pub to the client machine and append it to ~amanda_user/.ssh/authorized_keys
 chmod 600 ~amanda_user/.ssh/authorized_keys

5. ssh-add 

  {will prompt for the passphrase}
  {it will add the RSA identities to the authentication agent}

6. run amdump as you normally do.

  • Note that only the backup(i.e: amdump/amcheck ) is updated with the new security API. amrecover/amrestore has not been changed to take advantage of it, thus will not use "auth ssh".



Retrieved from ‘http://wiki.zmanda.com/index.php?title=How_To:Set_up_transport_encryption_with_SSH&oldid=2530