Amanda-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: amandahostsauth failed

2003-01-25 14:36:13
Subject: Re: amandahostsauth failed
From: "John R. Jackson" <jrj AT purdue DOT edu>
To: simon-amanda-users AT blackstar.co DOT uk
Date: Sat, 25 Jan 2003 12:21:15 -0500 
>On Thu, Jan 23, 2003 at 09:17:43AM -0700, Santiago wrote:
>> ...
>> ERROR: scratchy: [access as amanda not allowed from amanda@backup] 
>> amandahostsauth failed
>> ...
>Make sure that the entry in scratchy's /etc/hosts file has the fully
>quallified domain name of the backup machine.  ...

If that doesn't help, perhaps an explanation of what that message says
will.  It says user "amanda" from the host "backup" (amanda@backup) tried
to authenticate.  To do that, you have to have those values **exactly**
as it says in the message in your .amandahosts file.  Assuming what you
posted is *precisely* what you got, you need:

  backup amanda

Note that the "backup" host name is not qualified.  That, in turn, implies
some other things (see below), but maybe this will get you going.

>Simon.

John R. Jackson, Technical Software Specialist, jrj AT purdue DOT edu

And now for the "more than you ever wanted to know section" ... :-)

When amandad is fired up on the client (scratchy), all it gets is an IP
address of the connecting host.  It does a "reverse" (gethostbyaddr)
lookup to determine the connecting host name.  It uses the "primary"
(first) name returned to do the lookup in .amandahosts.  This is standard
coding practice for doing such lookups.

If you're using /etc/hosts for host name/IP resolution, the order of
names on a line matters -- the first name is the "primary" and will be
used by most code for lookups.

So, for instance, let's say you have a machine named "real-host" in
your domain "my.domain".  And let's say that for convenience you want
to give it an alias of "backup".  If you enter that like this:

  11.22.33.44     backup backup.my.domain real-host real-host.my.domain

... a lookup (gethostbyname) of *any* of the names will return the same
IP number (11.22.33.44).  But a reverse lookup of 11.22.33.44 will return
"backup", which is probably not what you want (it actually returns all
the names, but most code only uses the first).  You probably want to
get back the fully qualified "real" name.  So the line should be:

  11.22.33.44     real-host.my.domain real-host backup.my.domain backup

In my experience, the standard practice is to list the fully qualified
"real" host name first.  Order doesn't really matter after that, but
it's more human-readable to list the related aliases, then other fully
qualified names and aliases.

I wrote a couple of tiny tools to help test all this out:

  ftp://gandalf.cc.purdue.edu/pub/amanda/gethostbyaddr.c
  ftp://gandalf.cc.purdue.edu/pub/amanda/gethostbyname.c

They will help you ask questions and get the same thing back Amanda (or
other software) does from these standard system calls.

And my apologies if this is all well known to you.  I tend to ramble a
bit at times :-).
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Make amanda unload tape drive?, John R. Jackson
Next by Date:  Re: features: append, span tapes, compress?, Gene Heskett
Previous by Thread:  Re: amandahostsauth failed, Simon Young
Next by Thread:  RAIT in 2.4.3b4, Scott Mcdermott
Indexes:  [Date] [Thread] [Top] [All Lists]