NAME¶

amanda-auth-ssl - SSL Communication/Authentication methods between Amanda server and client

DESCRIPTION¶

This authenticate method use ssl certificate to authenticate host, all transfer over the network is encrypted.

Each amanda client/server must have its own certificate signed by the amanda CA certificate.

COMPILATION AND GENERAL INFORMATION¶

Amanda must be configure with --with-ssl-security

SERVER/CLIENT CONFIGURATION¶

In amanda.conf and amanda-client.conf.

ssl-dir

ssl-check-certificate-host

ssl-check-fingerprint

ssl-check-host

FILESYSTEM LAYOUT FOR CERTIFICATES¶

$SSL_DIR/CA/crt.pem                   # CA certificate that signed


                                        all certificates.
$SSL_DIR/CA/private/key.pem           # CA private key


                                        (on server only)
$SSL_DIR/me/crt.pem                   # public certificate of the host
$SSL_DIR/me/private/key.pem           # private key of the host
$SSL_DIR/me/fingerprint               # fingerprint of my certificate
$SSL_DIR/remote/HOSTNAME/fingerprint  # fingerprint of the HOSTNAME


                                        certificate

On the HOSTNAME host, $SSL_DIR/remote/HOSTNAME is a symbolic link to ../me.

PROGRAM TO HELP CONFIGURATION¶

The amssl program is a tool to manage the certificate.

SEE ALSO¶

amanda(8), amanda.conf(5), amanda-client.conf(5), disklist(5), amdump(8), amrecover(8), amssl(8), amanda-auth(7)

The Amanda Wiki: : http://wiki.zmanda.com/

AUTHORS¶

Jean-Louis Martineau <martineau@zmanda.com>

Dustin J. Mitchell <dustin@zmanda.com>

Paul Yeatman <pyeatman@zmanda.com>