+'\" t
.\" Title: amgpgcrypt
-.\" Author:
-.\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/>
-.\" Date: 03/31/2008
-.\" Manual:
-.\" Source:
+.\" Author: Kevin Till <kevin.till@zmanda.com>
+.\" Generator: DocBook XSL Stylesheets vsnapshot_8273 <http://docbook.sf.net/>
+.\" Date: 04/10/2009
+.\" Manual: System Administration Commands
+.\" Source: Amanda 2.6.1p1
+.\" Language: English
.\"
-.TH "AMGPGCRYPT" "8" "03/31/2008" "" ""
+.TH "AMGPGCRYPT" "8" "04/10/2009" "Amanda 2\&.6\&.1p1" "System Administration Commands"
+.\" -----------------------------------------------------------------
+.\" * set default formatting
+.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
+.\" -----------------------------------------------------------------
+.\" * MAIN CONTENT STARTS HERE *
+.\" -----------------------------------------------------------------
.SH "NAME"
-amgpgcrypt - reference crypt program for Amanda public-key data encryption
+amgpgcrypt \- reference crypt program for \fIAmanda\fR public\-key data encryption
.SH "SYNOPSIS"
-.HP 11
+.HP \w'\fBamgpgcrypt\fR\ 'u
\fBamgpgcrypt\fR to be called by \fIAmanda\fR only
.SH "DESCRIPTION"
.PP
\fBgpg\fR
to perform public\-key data encryption on
\fIAmanda\fR
-backup\.
+backup\&.
\fBamgpgcrypt\fR
will search for the gpg program in the following directories: /usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin
.PP
\fBamgpgcrypt\fR
-sets GNUPGHOME to $AMANDA_HOME/\.gnupg where gpg will look for the gpg keys\.
+sets GNUPGHOME to $AMANDA_HOME/\&.gnupg where gpg will look for the gpg keys\&.
\fBamgpgcrypt\fR
uses the public key to encrypt the
\fIAmanda\fR
data and uses the private key to decrypt the
\fIAmanda\fR
-backup data\. Thus, passphrase is only required at the time of data restore\.
+backup data\&. Thus, passphrase is only required at the time of data restore\&.
.SH "KEY AND PASSPHRASE"
.PP
\fBamgpgcrypt\fR
uses the private key to decrypt
\fIAmanda\fR
-backup data\.
+backup data\&.
It is very important to store, manage and protect the key and the passphrase
-properly\. Encrypted backup data can \fBonly\fR be recovered with the correct key and
-passphrase\.
+properly\&. Encrypted backup data can \fBonly\fR be recovered with the correct key and
+passphrase\&.
.SH "HOW TO CREATE ENCRYPTION KEYS AND PASSPHRASE FOR AMGPGCRYPT"
.PP
Store the passphrase that you used in following "gpg \-\-gen\-key" command inside the home\-directory of the AMANDA\-user($amanda_user) and protect it with proper permissions:
- echo my_secret_passphrase > ~$amanda_user/\.am_passphrase
- chown $amanda_user:disk ~$amanda_user/\.am_passphrase
- chmod 700 ~$amanda_user/\.am_passphrase
+ echo my_secret_passphrase > ~$amanda_user/\&.am_passphrase
+ chown $amanda_user:disk ~$amanda_user/\&.am_passphrase
+ chmod 700 ~$amanda_user/\&.am_passphrase
.PP
-Run "gpg \-\-gen\-key"\. Below is an example:
-.sp
-.RS 4
+Run "gpg \-\-gen\-key"\&. Below is an example:
.nf
$ gpg \-\-gen\-key
-gpg (GnuPG) 1\.2\.6; Copyright (C) 2004 Free Software Foundation, Inc\.
-This program comes with ABSOLUTELY NO WARRANTY\.
+gpg (GnuPG) 1\&.2\&.6; Copyright (C) 2004 Free Software Foundation, Inc\&.
+This program comes with ABSOLUTELY NO WARRANTY\&.
This is free software, and you are welcome to redistribute it
-under certain conditions\. See the file COPYING for details\.
+under certain conditions\&. See the file COPYING for details\&.
Please select what kind of key you want:
(1) DSA and ElGamal (default)
(2) DSA (sign only)
(4) RSA (sign only)
Your selection? 1
-DSA keypair will have 1024 bits\.
-About to generate a new ELG\-E keypair\.
+DSA keypair will have 1024 bits\&.
+About to generate a new ELG\-E keypair\&.
minimum keysize is 768 bits
default keysize is 1024 bits
highest suggested keysize is 2048 bits
What keysize do you want? (1024)
Requested keysize is 1024 bits
-Please specify how long the key should be valid\.
+Please specify how long the key should be valid\&.
0 = key does not expire
(n) = key expires in n days
(n)w = key expires in n weeks
You need a User\-ID to identify your key; the software constructs the user id
from Real Name, Comment and Email Address in this form:
- "Heinrich Heine (Der Dichter) (heinrichh@duesseldorf\.de)"
+ "Heinrich Heine (Der Dichter) (heinrichh@duesseldorf\&.de)"
Real name: amandabackup
Email address:
"amandabackup (gpg keys for amandabackup)"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
-You need a Passphrase to protect your secret key\.
+You need a Passphrase to protect your secret key\&.
-We need to generate a lot of random bytes\. It is a good idea to perform
+We need to generate a lot of random bytes\&. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
-generator a better chance to gain enough entropy\.
+generator a better chance to gain enough entropy\&.
-We need to generate a lot of random bytes\. It is a good idea to perform
+We need to generate a lot of random bytes\&. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
-generator a better chance to gain enough entropy\.
+generator a better chance to gain enough entropy\&.
-public and secret key created and signed\.
-key marked as ultimately trusted\.
+public and secret key created and signed\&.
+key marked as ultimately trusted\&.
pub 1024D/4417A8CB 2006\-02\-07 amandabackup (gpg keys for amandabackup)
Key fingerprint = 139C 6369 44FC 7F1A 655C E5E9 7EAA 515A 4417 A8CB
sub 1024g/8C3A6A78 2006\-02\-07 [expires: 2006\-08\-06]
-
.fi
-.RE
.SH "FILES"
.PP
-\fB$AMANDA_HOME/\.gnupg/pubring\.gpg\fR
+\fB$AMANDA_HOME/\&.gnupg/pubring\&.gpg\fR
.RS 4
-The public key\.
+The public key\&.
\fBamgpgcrypt\fR
-encrypt data with this public key along with the cipher algorithm\.
+encrypt data with this public key along with the cipher algorithm\&.
.RE
.PP
-\fB$AMANDA_HOME/\.gnupg/secring\.gpg\fR
+\fB$AMANDA_HOME/\&.gnupg/secring\&.gpg\fR
.RS 4
-The private/secret key\. It\'s only needed during amrecover/amrestore\. Store and protect it properly during other time\.
+The private/secret key\&. It\'s only needed during amrecover/amrestore\&. Store and protect it properly during other time\&.
.RE
.PP
-\fB$AMANDA_HOME/\.am_passphrase\fR
+\fB$AMANDA_HOME/\&.am_passphrase\fR
.RS 4
-The passphrase\. It\'s only needed during amrecover/amrestore\. Store and protect it properly during other time\.
+The passphrase\&. It\'s only needed during amrecover/amrestore\&. Store and protect it properly during other time\&.
.RE
.SH "BUGS"
.PP
\fIAmanda\fR
-has problem with gpg mdc(modification detection code) in the binary mode\.
+has problem with gpg mdc(modification detection code) in the binary mode\&.
\fBamgpgcrypt\fR
calls gpg with mdc disabled
-.SH "AUTHOR"
-.PP
-The tool and its documentation was written by Zmanda, Inc (http://www\.zmanda\.com/)\.
.SH "SEE ALSO"
.PP
\fBamcrypt\fR(8),
\fBamrestore\fR(8),
\fBgpg\fR(1),
-\fBhttp://wiki.zmanda.com\fR()
+: http://wiki.zmanda.com
+.SH "AUTHOR"
+.PP
+\fBKevin Till\fR <\&kevin\&.till@zmanda\&.com\&>
+.RS 4
+Zmanda, Inc\&. (http://www\&.zmanda\&.com)
+.RE