AMANDA-AUTH-SSL(7) - Linux man page online | Overview, conventions, and miscellany
SSL Communication/Authentication methods between Amanda server and client.
Chapter
12/01/2017
AMANDA-AUTH-SSL(7) Miscellanea AMANDA-AUTH-SSL(7)
@zmanda.com>
Zmanda, Inc. (http://www.zmanda.com)
Dustin J. Mitchell <
@zmanda.com>
Zmanda, Inc. (http://www.zmanda.com)
Paul Yeatman <
@zmanda.com>
Zmanda, Inc. (http://www.zmanda.com)
NAME
amanda-auth-ssl - SSL Communication/Authentication methods between Amanda server and clientDESCRIPTION
This authenticate method use ssl certificate to authenticate host, all transfer over the network is encrypted. Each amanda client/server must have its own certificate signed by the amanda CA certificate.COMPILATION AND GENERAL INFORMATION
Amanda must be configure with --with-ssl-security SERVER/CLIENT CONFIGURATION In amanda.conf and amanda-client.conf. ssl-dir The directoty where amanda store all the certificates. A good value is ~/amanda-ssl. ssl-check-certificate-host Check the peer hostname match the certificate host name. ssl-check-fingerprint Check the fingerprint of the certificate is the same as the fingerprint we already have for that host. ssl-check-host Do the bsd check, dns name of peer IP is the hostname we connect to.FILESYSTEM LAYOUT FOR CERTIFICATES
$SSL_DIR/CA/crt.pem # CA certificate that signed all certificates. $SSL_DIR/CA/private/key.pem # CA private key (on server only) $SSL_DIR/me/crt.pem # public certificate of the host $SSL_DIR/me/private/key.pem # private key of the host $SSL_DIR/me/fingerprint # fingerprint of my certificate $SSL_DIR/remote/HOSTNAME/fingerprint # fingerprint of the HOSTNAME certificate On the HOSTNAME host, $SSL_DIR/remote/HOSTNAME is a symbolic link to ../me.PROGRAM TO HELP CONFIGURATION
The amssl program is a tool to manage the certificate.SEE ALSO
amanda(8), amanda.conf(5), amanda-client.conf(5), disklist(5), amdump(8), amrecover(8), amssl(8), amanda-auth(7) The Amanda Wiki: : http://wiki.zmanda.com/AUTHORS
Jean-Louis Martineau <@zmanda.com>
Zmanda, Inc. (http://www.zmanda.com)
Dustin J. Mitchell <@zmanda.com>
Zmanda, Inc. (http://www.zmanda.com)
Paul Yeatman <@zmanda.com>
Zmanda, Inc. (http://www.zmanda.com)| This manual | Reference | Other manuals |
|---|---|---|
| amanda-auth-ssl(7) | referred by | amanda(8) | amanda-auth(7) |
| refer to | amanda(8) | amanda-auth(7) | amanda-client.conf(5) | amanda.conf(5) | amdump(8) | amrecover(8) | amssl(8) | disklist(5) |