Networker
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Networker] aes asm not working (manaul backup)

2010-02-03 14:44:13
Subject: Re: [Networker] aes asm not working (manaul backup)
From: "STANLEY R. HORWITZ" <stan AT TEMPLE DOT EDU>
To: NETWORKER AT LISTSERV.TEMPLE DOT EDU
Date: Wed, 3 Feb 2010 14:41:36 -0500 
On 02 3, 2010, at 3:13 AM, Preston de Guise wrote:

> Hi Tim,
> 
> On 03/02/2010, at 17:19 , tkimball wrote:
>> All involved systems are solaris 10 Sparc.  Server is 7.4.4 EBS, client is 
>> 7.4.1 EBS IIRC (at least 7.4).
>> 
>> I need to enable Client Encryption on one of our manual backups (run from 
>> save cmd on client).  After some trial and error (and an incorrect manpage 
>> on asm names *sigh*) I see a test backup of /etc, from save command, using 
>> the aes asm on the client.
>> 
>> However, a recovery test on another system does not ask you for the 
>> passphrase (which I set in the Server Config under NMC).  I'm using the 
>> recover command instead of nwrecover for testing.
>> 
>> So, is this actually using Encryption or not?  Do Encrypted backups use the 
>> server passphrase when running manually?  I don't care either way as long as 
>> I can assure the client its encrypted - default passphrase will suffice for 
>> now.
>> 
>> The directive (placed in /etc for the test) is straightforward:
>> 
>> +aes: *
> 
> It's been a little while since I configured an encryption setup. However, 
> from memory once the password is set in the datazone, it holds true for all 
> backup/recovery operations in the datazone. Try removing the passphrase and 
> see whether that helps (or failing that, remove the passphrase and 
> stop/restart NetWorker).
> 
> The other option when running the manual backup is to run save -v; this 
> should tell you what asm's it invokes.
> 
> I could be wrong though ... it's been a couple of months. 

Tim needs to include the appropriate passphrase on the recover command. You can 
tell if a backup is using aes encryption because recovering it without the 
correct passphrase will result in an empty file being recovered. See the man 
page for the recover command for details.

To sign off this list, send email to listserv AT listserv.temple DOT edu and 
type "signoff networker" in the body of the email. Please write to 
networker-request AT listserv.temple DOT edu if you have any problems with this 
list. You can access the archives at 
http://listserv.temple.edu/archives/networker.html or
via RSS at http://listserv.temple.edu/cgi-bin/wa?RSS&L=NETWORKER
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Networker] Question on data deduplication products?, Terry Lemons
Next by Date:  [Networker] aes asm not working (manaul backup), tkimball
Previous by Thread:  Re: [Networker] aes asm not working (manaul backup), Preston de Guise
Next by Thread:  [Networker] aes asm not working (manaul backup), tkimball
Indexes:  [Date] [Thread] [Top] [All Lists]