On Tue, Feb 08, 2005 at 12:05:06PM -0800, gil naveh enlightened us:
> I am a little confused regarding adding security to
> Amanda.
> In the past I posted a question regarding adding
> security to Amanda - 
> We have a Solaris 9 machine which is Amanda server and
> a remote Solaris 9 machine which is Amanda client.
> We need the data that is transferring from the client
> to the server be secure.
> People have kindly answered my question but I am still
> confused.
> Some have suggested to use sftp or ssh - bring those
> files to the server and then backing it up locally.
> However, by implementing this technique I am over
> loading the network - because I have to ssh or sftp
> all files daily instead of letting Amanda get only the
> changes (level 0,1 etc). But is there a way to
> implement ssh/sftp with Amanda? 
> 
> 
> Anyway I am trying to implement Kerberos and I have a
> few questions about it.
> I am trying to follow the documentation in Amanda for
> kerberos - so far I downloaded the file
> amanda-krb4-2.4.0p1.tar.gz - I unzipped it and tared
> it (tar xvf). Yet I don't know what the next step
> should be - configure+make??? Additionally the
> KERBEROS doc for Amanda under the INSTALLATION section
> says:
>  "2. INSTALLATION
>    The kerberized Amanda service uses a different port
> on the client hosts.
>    The /etc/services line is:
> 
>    kamanda      10081/udp "
> 
> Then what should be the host on the server site?
> Finally how can I test that Kerberos encryption works
> with Amanda?
> 
> Please note that our Amanda server and client are
> Solaris 9 boxes but in the future we might implement
> it on Win boxes (is it feasible to implement Kerberos
> on Win box?)
> 

As far as I know, that only works with Kerberos 4, and I don't think much
stuff uses v4 anymore. You might take a look at

http://security.uchicago.edu/tools/gpg-amanda/

Matt

-- 
Matt Hyclak
Department of Mathematics 
Department of Social Work
Ohio University
(740) 593-1263

pgp6Kc8ql6td_.pgp
Description: PGP signature