1AMANDA-AUTH(7) Miscellanea AMANDA-AUTH(7)
2
6 amanda-auth - Communication/Authentication methods between Amanda
7 server and client
8
10 Amanda offers 8 methods of communication between Amanda server
11 (sometimes also called the tape server) and clients, each with its own
12 authentication method. The desired communication method is specified by
13 the auth parameter in the amanda.conf file (amanda.conf(5)) commonly as
14 a dumptype. Valid values to the auth parameter are bsd, bsdudp, bsdtcp,
15 krb5, local, rsh, and ssh. The authentication and communication method
16 is used during the backup process amdump (amdump(8)) as well as the
17 recovery process amrecover (amrecover(8)).
18
20 The communication method and thus type of authentication that will be
21 used by the Amanda server is specified by the auth parameter in the
22 dumptype for each disklist entry (DLE). The auth parameter thus may be
23 easily and globally specified in the "global" dumptype. If auth is not
24 specified, the bsdtcp communication method is used. See amanda.conf(5)
25 for more information on Amanda configuration and dumptypes, and
26 disklist(5) for more information on disklists.
27 On the client side, the Amanda daemon amandad validates the connection
29 depending on the value of the auth argument passed to it (see
30 Amanda(8)). Also, when it comes to recovery, the auth parameter can be
31 specified in the amanda-client.conf(5) file to specify the
32 communication method to be used by the client to the server.
33 When Amanda is being built from source code, desired communication and
35 thus authentication methods (shown as "Authentication") must be
36 specified as configure options at compilation time.
37 Authentication Configure option(s)
39 bsd --with-bsd-security --with-amandahosts (pre-2.6)
40 bsdtcp --with-bsdtcp-security --with-amandahosts (pre-2.6)
41 bsdudp --with-bsdudp-security --with-amandahosts (pre-2.6)
42 krb5 --with-krb5-security
43 local (always included)
44 rsh --with-rsh-security
45 ssh --with-ssh-security
46 ssl --with-ssl-security
47 There are additional configure options for bsd, bsdudp, and bsdtcp to
49 allow for specifying explicit UDP and TCP port ranges.
50 --with-udpportrange
52 --with-tcpportrange
53 --with-low-tcpportrange
54 See PORT USAGE below for more information.
56 There are additional configure options for Kerberos 5 if you so desire.
58 --with-krb5-security=DIR where libkrb.a lives [see below]
60 If configuring with --with-krb5-security, the configure script will
62 search under /usr/kerberos/lib, /usr/cygnus/lib, /usr/lib, and
63 /opt/kerberos/lib for the kerberos bits, libkrb.a, in this order.
64 Kerberos support will not be added if it does not find them. If the
65 kerberos bits are found under some other hierarchy, you can specify
66 this via --with-krb5-security=DIR where DIR is where the kerberos bits
67 live. The configure script will then look in the 'lib' directory under
68 this hierarchy for libkrb.a.
69