X-Git-Url: https://git.gag.com/?a=blobdiff_plain;f=man%2Famanda-auth.7;fp=man%2Famanda-auth.7;h=d44f5b0456abc7ab1675a0cbc3fbb9761d257283;hb=441dd72d27c13b97098a519388e6c194b16519f0;hp=c4d9db13f5763f85eeb682b577d6651c4b52f7a0;hpb=a2927cde973fba3eab558b723ba2bfba897f10c8;p=debian%2Famanda diff --git a/man/amanda-auth.7 b/man/amanda-auth.7 index c4d9db1..d44f5b0 100644 --- a/man/amanda-auth.7 +++ b/man/amanda-auth.7 @@ -124,7 +124,7 @@ parameter selects a communication/authentication method to use between the clien .PP When Amanda is built, a username is specified with the \fB\-\-with\-user\fR -option\&. Most Amanda processes run under this user\*(Aqs identity, to minimize security risks\&. In binary distributions, this username is usually one of \*(Aqamanda\*(Aq, \*(Aqamandabackup\*(Aq, or \*(Aqbackup\*(Aq\&. The examples below use \*(Aqamandabackup\*(Aq since it is unambiguous\&. You may need to adjust accordingly for your system\&. +option\&. Most Amanda processes run under this user\*(Aqs identity, to minimize security risks\&. In binary distributions, this username is usually one of \*(Aqamanda\*(Aq, \*(Aqbackup\*(Aq, or \*(Aqbackup\*(Aq\&. The examples below use \*(Aqbackup\*(Aq since it is unambiguous\&. You may need to adjust accordingly for your system\&. .SS "Authenticated Peer Hostnames" .PP Amanda\*(Aqs authentication mechanisms provide an authenticated hostname of the system on the other end of the connection, which is used to restrict access to only particular hosts\&. The degree of "authentication" performed on this hostname varies with the authentication mechanism, and is discussed below\&. @@ -192,10 +192,10 @@ If service is omitted, it defaults to (which is equivalent to \fBamdump\fR)\&. .PP -Example of the \&.amandahosts file on an Amanda client, where \*(Aqamandabackup\*(Aq is the Amanda dumpuser\&. +Example of the \&.amandahosts file on an Amanda client, where \*(Aqbackup\*(Aq is the Amanda dumpuser\&. .sp .nf - \fBamandaserver\&.example\&.com amandabackup amdump\fR + \fBamandaserver\&.example\&.com backup amdump\fR .fi .PP Example of the \&.amandahosts file on an Amanda server @@ -211,7 +211,7 @@ The authentication is done using \&.amandahosts file in the Amanda user\*(Aqs ho The authentication is done using \&.amandahosts files in the Amanda user\*(Aqs home directory\&. It uses UDP protocol between Amanda server and client for data and hence the number of DLEs is limited by the UDP packet size\&. It uses one TCP port to establish the connection and multiplexes all data streams using one port on the server (see PORT USAGE below)\&. .SS "bsdtcp communication and authentication" .PP -The authentication is done using \&.amandahosts files in the backup user\*(Aqs (for example: amandabackup) home directory\&. It uses TCP protocol between Amanda server and client\&. On the client, two reserved ports are used\&. On the server, all data streams are multiplexed to one port (see PORT USAGE below)\&. +The authentication is done using \&.amandahosts files in the backup user\*(Aqs (for example: backup) home directory\&. It uses TCP protocol between Amanda server and client\&. On the client, two reserved ports are used\&. On the server, all data streams are multiplexed to one port (see PORT USAGE below)\&. .SS "USING INETD SERVER" .PP Template for Amanda client inetd service entry @@ -222,10 +222,10 @@ Template for Amanda client inetd service entry .PP Client example of using \fBbsd\fR -authorization for inetd server given Amanda user is "amandabackup": +authorization for inetd server given Amanda user is "backup": .sp .nf -\fB amanda dgram udp wait amandabackup /path/to/amandad amandad \-auth=bsd amdump\fR +\fB amanda dgram udp wait backup /path/to/amandad amandad \-auth=bsd amdump\fR .fi .PP The same could be used for @@ -234,10 +234,10 @@ if specifying \-auth=bsdudp instead of \-auth=bsd\&. .PP Client example of using \fBbsdtcp\fR -authorization for inetd server given Amanda user is "amandabackup": +authorization for inetd server given Amanda user is "backup": .sp .nf -\fB amanda stream tcp nowait amandabackup /path/to/amandad amandad \-auth=bsdtcp amdump\fR +\fB amanda stream tcp nowait backup /path/to/amandad amandad \-auth=bsdtcp amdump\fR .fi .PP \fBamindexd\fR @@ -249,10 +249,10 @@ server arguments for an Amanda server\&. .PP Server example of using \fBbsdtcp\fR -authorization for inetd server given Amanda user is "amandabackup": +authorization for inetd server given Amanda user is "backup": .sp .nf -\fB amanda stream tcp nowait amandabackup /path/to/amandad amandad \-auth=bsdtcp amdump amindexd amidxtaped\fR +\fB amanda stream tcp nowait backup /path/to/amandad amandad \-auth=bsdtcp amdump amindexd amidxtaped\fR .fi .PP For Amanda version 2\&.5\&.0 and earlier, remember that neither @@ -286,8 +286,8 @@ instead and, again, the server must be running the amandaidx and amidxtape netwo Example of amindexd and amidxtaped Amanda daemon services configured as their own network services for a 2\&.5\&.0 or earlier server or a newer server having 2\&.5\&.0 or earlier clients .sp .nf -\fB amandaidx stream tcp nowait amandabackup /usr/local/libexec/amanda/current/amindexd amindexd\fR -\fB amidxtape stream tcp nowait amandabackup /usr/local/libexec/amanda/current/amidxtaped amidxtaped\fR +\fB amandaidx stream tcp nowait backup /usr/local/libexec/amanda/current/amindexd amindexd\fR +\fB amidxtape stream tcp nowait backup /usr/local/libexec/amanda/current/amidxtaped amidxtaped\fR .fi .SS "USING XINETD SERVER" .PP @@ -315,7 +315,7 @@ parameter can be used with xinetd but is usually in addition to the primary form .PP Client example of using \fBbsd\fR -authorization for xinetd server and for Amanda user "amandabackup": +authorization for xinetd server and for Amanda user "backup": .sp .nf service amanda @@ -324,7 +324,7 @@ service amanda socket_type = dgram protocol = udp wait = yes - user = amandabackup + user = backup group = disk groups = yes server = /path/to/amandad @@ -339,7 +339,7 @@ if specifying \-auth=bsdudp instead of \-auth=bsd\&. .PP Client example of using \fBbsdtcp\fR -authorization for xinetd server and for Amanda user "amandabackup": +authorization for xinetd server and for Amanda user "backup": .sp .nf service amanda @@ -348,7 +348,7 @@ service amanda socket_type = stream protocol = tcp wait = no - user = amandabackup + user = backup group = disk groups = yes server = /path/to/amandad @@ -589,7 +589,7 @@ For example: define dumptype rsh_example { \&.\&.\&. auth "rsh" - client\-username "amandabackup" + client\-username "backup" amandad\-path "/usr/lib/exec/amandad" \&.\&.\&. } @@ -616,7 +616,7 @@ When you use a public key on the client to do data encryption (see http://wiki\& Enable SSH authentication and set the \fBssh\-keys\fR option in all DLEs for that host by adding the following to the DLE itself or to the corresponding dumptype in amanda\&.conf: auth "ssh" - ssh\-keys "/home/amandabackup/\&.ssh/id_rsa_amdump" + ssh\-keys "/home/backup/\&.ssh/id_rsa_amdump" \fBssh\-keys\fR is the path to the private key on the client\&. If the username to which Amanda should connect is different from the default, then you should also add