ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [ADSM-L] Encryption problem on linux node

2009-09-17 18:17:26
Subject: Re: [ADSM-L] Encryption problem on linux node
From: Andrew Raibeck <storman AT US.IBM DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Thu, 17 Sep 2009 18:01:24 -0400 
Yes, your second cut at this is more accurate. Options like
"INCLUDE.ENCRYPT" or "INCLUDE.COMPRESSION" only server to indicate whether
the files are encrypted or compressed (whatever is to the right of the
"INCLUDE." portion). So you need the "INCLUDE" (or "INCLUDE.BACKUP") to
include files for backup AND to bind them to a management class if you want
them bound to something other than the default management class.

You can more easily verify encryption by doing something like:

   dsmc query backup /u05/Archive/somefile -detail -traceflags=query

When you did the backup, were you prompted for an encryption key?

Best regards,

Andy

Andy Raibeck
IBM Software Group
Tivoli Storage Manager Client Product Development
Level 3 Team Lead
Internal Notes e-mail: Andrew Raibeck/Hartford/IBM@IBMUS
Internet e-mail: storman AT us.ibm DOT com

IBM Tivoli Storage Manager support web page:
http://www.ibm.com/software/sysmgmt/products/support/IBMTivoliStorageManager.html


The only dumb question is the one that goes unasked.
The command line is your friend.
"Good enough" is the enemy of excellence.

"ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU> wrote on 09/17/2009
03:07:48 PM:

> [image removed]
>
> Encryption problem on linux node
>
> Brian G. Kunst
>
> to:
>
> ADSM-L
>
> 09/17/2009 03:09 PM
>
> Sent by:
>
> "ADSM: Dist Stor Manager" <ADSM-L AT VM.MARIST DOT EDU>
>
> Please respond to "ADSM: Dist Stor Manager"
>
> I'm trying to setup a linux node to backup only the /u05/Archive
> directory with encryption enabled.  Here's how I have it set up in
> the dsm.sys file:
>
> SErvername attic
> COMMMethod TCPip
> TCPPort 1500
> TCPServeraddress attic.cac.washington.edu
> ENCRYPTIONTYPE     AES128
> ENCRYPTKEY         save
> PasswordAccess Generate
> nodename bklinuxtest
>
> Domain /
>
> EXCLUDE "/.../*"
> Include.Encryption "/u05/Archive/.../*"
>
> When the backup runs, no files actually get backed up.  From what I
> can tell, my exclude statement is the only thing getting honored.
> TSM seems to just ignore the include.encrypt line.  I tried adding a
> include.backup line as such:
>
> EXCLUDE "/.../*"
> Include.Encryption "/u05/Archive/.../*"
> Include.backup "/u05/Archive/.../*"
>
> When the backup ran with this configuration the files in /u05/
> Archive were backed up, but the from what I can see, weren't
> encrypted.  I tested this by moving the /etc/adsm/TSM.PWD file and
> attempting a restore, which was successful.
>
> Can anyone see where am I going wrong here?  Does TSM not process
> include.encrypt statements the same way it process other include
statements?
>
> Thanks,
>
> --
> Brian Kunst
> Storage Administrator
> UW Technology
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [ADSM-L] SELECT FOR DISTINCT VOLUMES IN A COLLOCATION GROUP, Conway, Timothy
Next by Date:  Re: [ADSM-L] [TSM] Client Options Set - A bit confuse, Erwann Simon
Previous by Thread:  [ADSM-L] Encryption problem on linux node, Brian G. Kunst
Next by Thread:  [ADSM-L] RHEL5-2.6.18.96 - Lin_tape 1.24-Sandiscovery wont work, janecb01
Indexes:  [Date] [Thread] [Top] [All Lists]