1AMANDA-AUTH-SSL(7)                Miscellanea               AMANDA-AUTH-SSL(7)
2
3
4

NAME

6       amanda-auth-ssl - SSL Communication/Authentication methods between
7       Amanda server and client
8

DESCRIPTION

10       This authenticate method use ssl certificate to authenticate host, all
11       transfer over the network is encrypted.
12
13       Each amanda client/server must have its own certificate signed by the
14       amanda CA certificate.
15

COMPILATION AND GENERAL INFORMATION

17       Amanda must be configure with --with-ssl-security
18

SERVER/CLIENT CONFIGURATION

20       In amanda.conf and amanda-client.conf.
21
22       ssl-dir
23           The directoty where amanda store all the certificates. A good value
24           is ~/amanda-ssl.
25
26       ssl-check-certificate-host
27           Check the peer hostname match the certificate host name.
28
29       ssl-check-fingerprint
30           Check the fingerprint of the certificate is the same as the
31           fingerprint we already have for that host.
32
33       ssl-check-host
34           Do the bsd check, dns name of peer IP is the hostname we connect
35           to.
36

FILESYSTEM LAYOUT FOR CERTIFICATES

38       $SSL_DIR/CA/crt.pem                   # CA certificate that signed
39                                               all certificates.
40       $SSL_DIR/CA/private/key.pem           # CA private key
41                                               (on server only)
42       $SSL_DIR/me/crt.pem                   # public certificate of the host
43       $SSL_DIR/me/private/key.pem           # private key of the host
44       $SSL_DIR/me/fingerprint               # fingerprint of my certificate
45       $SSL_DIR/remote/HOSTNAME/fingerprint  # fingerprint of the HOSTNAME
46                                               certificate
47
48       On the HOSTNAME host, $SSL_DIR/remote/HOSTNAME is a symbolic link to
49       ../me.
50

PROGRAM TO HELP CONFIGURATION

52       The amssl program is a tool to manage the certificate.
53

SEE ALSO

55       amanda(8), amanda.conf(5), amanda-client.conf(5), disklist(5),
56       amdump(8), amrecover(8), amssl(8), amanda-auth(7)
57
58       The Amanda Wiki: : http://wiki.zmanda.com/
59

AUTHORS

61       Jean-Louis Martineau <martineau@zmanda.com>
62           Zmanda, Inc. (http://www.zmanda.com)
63
64       Dustin J. Mitchell <dustin@zmanda.com>
65           Zmanda, Inc. (http://www.zmanda.com)
66
67       Paul Yeatman <pyeatman@zmanda.com>
68           Zmanda, Inc. (http://www.zmanda.com)
69
70
71
72Amanda 3.5.4                      07/27/2023                AMANDA-AUTH-SSL(7)
Impressum