1AMANDA-AUTH-SSL(7) Miscellanea AMANDA-AUTH-SSL(7)
2
6 amanda-auth-ssl - SSL Communication/Authentication methods between
7 Amanda server and client
8
10 This authenticate method use ssl certificate to authenticate host, all
11 transfer over the network is encrypted.
12 Each amanda client/server must have its own certificate signed by the
14 amanda CA certificate.
15
17 Amanda must be configure with --with-ssl-security
18
20 In amanda.conf and amanda-client.conf.
21 ssl-dir
23 The directoty where amanda store all the certificates. A good value
24 is ~/amanda-ssl.
25 ssl-check-certificate-host
27 Check the peer hostname match the certificate host name.
28 ssl-check-fingerprint
30 Check the fingerprint of the certificate is the same as the
31 fingerprint we already have for that host.
32 ssl-check-host
34 Do the bsd check, dns name of peer IP is the hostname we connect
35 to.
36
38 $SSL_DIR/CA/crt.pem # CA certificate that signed
39 all certificates.
40 $SSL_DIR/CA/private/key.pem # CA private key
41 (on server only)
42 $SSL_DIR/me/crt.pem # public certificate of the host
43 $SSL_DIR/me/private/key.pem # private key of the host
44 $SSL_DIR/me/fingerprint # fingerprint of my certificate
45 $SSL_DIR/remote/HOSTNAME/fingerprint # fingerprint of the HOSTNAME
46 certificate
47 On the HOSTNAME host, $SSL_DIR/remote/HOSTNAME is a symbolic link to
49 ../me.
50
52 The amssl program is a tool to manage the certificate.
53
55 amanda(8), amanda.conf(5), amanda-client.conf(5), disklist(5),
56 amdump(8), amrecover(8), amssl(8), amanda-auth(7)
57 The Amanda Wiki: : http://wiki.zmanda.com/
59
61 Jean-Louis Martineau <martineau@zmanda.com>
62 Zmanda, Inc. (http://www.zmanda.com)
63 Dustin J. Mitchell <dustin@zmanda.com>
65 Zmanda, Inc. (http://www.zmanda.com)
66 Paul Yeatman <pyeatman@zmanda.com>
68 Zmanda, Inc. (http://www.zmanda.com)
69Amanda 3.5.1 12/01/2017 AMANDA-AUTH-SSL(7)