Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] Data Encryption With Bacula

2008-09-27 10:47:37
Subject: Re: [Bacula-users] Data Encryption With Bacula
From: Grant <grant-bacula AT mytoolbench DOT net>
To: bacula-users AT lists.sourceforge DOT net
Date: Sat, 27 Sep 2008 09:45:01 -0500 

Grant wrote:
> Grant wrote:
>   
>> C M Reinehr wrote:
>>   
>>     
>>> On Thu 25 September 2008 02:22, Arno Lehmann wrote:
>>>   
>>>     
>>>       
>>>> Hi,
>>>>
>>>> 25.09.2008 03:56, Grant wrote:
>>>>     
>>>>       
>>>>         
>>>>> I am emailing as a last resort as I can't find any other information
>>>>> (besides what I mention below) on the internet nor any information in
>>>>> the newsgroups.
>>>>>
>>>>> I am running Debian, version 4 and have installed the Bacula directory,
>>>>> file daemon, storage daemon, and console.  It is version 1.38.11 and was
>>>>> installed using Synaptic Package Manager (outdated but what Debian
>>>>> offers currently and I believe it will do what I need).  I am using
>>>>> MySQL for the catalog.  My OpenSSL version is 0.9.8c.
>>>>>       
>>>>>         
>>>>>           
>>>> As far as I can see, data encryption was included in version 1.39. The
>>>> released version after that would have been 2.0.0 - so you'll have to
>>>> upgrade.
>>>>
>>>> I believe there are some packages for debian available - just don't
>>>> ask me which ones those are, or where to find them :-)
>>>>
>>>> Arno
>>>>     
>>>>       
>>>>         
>>> Grant,
>>>
>>> Here you go:
>>>
>>> http://packages.debian.org/search?keywords=bacula&searchon=names&section=all&suite=etch-backports
>>>
>>> or,
>>>
>>> http://packages.debian.org/search?keywords=bacula&searchon=names&suite=all&section=all
>>>
>>> HTH
>>>
>>> cmr
>>>
>>>   
>>>     
>>>       
>>>>> I configured everything and successfully ran a backup of the system.  My
>>>>> plan is to add other systems which are at different locations and thus
>>>>> the backups will be done over the public internet.  As a result, I want
>>>>> to implement security.  It appears the two options are TLS or data
>>>>> encryption, the later being my choice.  I played around with TLS but it
>>>>> proved to be difficult to setup for my systems.  I followed the
>>>>> directions (http://www.bacula.org/en/rel-manual/Data_Encryption.html)
>>>>> for data encryption by setting up the private/public encryption keys.  I
>>>>> added the necessary parameters to the configuration file but am getting
>>>>> an error message when I try to restart the file daemon.  My
>>>>> configuration file is as follows:
>>>>>
>>>>> FileDaemon {
>>>>>   Name = martin-fd
>>>>>   FDport = 9102
>>>>>   WorkingDirectory = /var/lib/bacula
>>>>>   Pid Directory = /var/run/bacula
>>>>>   Maximum Concurrent Jobs = 10
>>>>>   FDAddress = 127.0.0.1
>>>>>
>>>>>   PKI Signatures = Yes
>>>>>   PKI Encryption = Yes
>>>>>   PKI Keypair = "/etc/bacula/certs/martin.pem"
>>>>>   PKI Master Key = "/etc/bacula/certs/master.cert"
>>>>> }
>>>>>
>>>>> The error I am receiving is as follows:
>>>>>
>>>>> 24-Sep 20:42 bacula-fd: ERROR TERMINATION at parse_conf.c:853
>>>>> Config error: Keyword "PKISignatures" not permitted in this resource.
>>>>> Perhaps you left the trailing brace off of the previous resource.
>>>>>
>>>>>             : line 39, col 17 of file /etc/bacula/bacula-fd.conf
>>>>>
>>>>>   PKI Signatures = Yes            # Enable Data Signing
>>>>>
>>>>> Any assistance you can offer would be greatly appreciated.
>>>>>
>>>>> Thanks,
>>>>> Grant  
>>>>>         
>>>>>           
>> Thank you both for your responses.  I was able to upgrade to version 
>> 2.4.2 however when I run it now, it says PKI encryption was enabled but 
>> not compiled into Bacula.  I assume that this problem relates to the 
>> parameter --with-openssl which is suppose to be supplied when running 
>> ./configure.  Am I out of luck in terms of using Synaptic Package 
>> Manager to install Bacula now?
>>
>>   
>>     
> I was able to install it from source and get it to incorporate OpenSSL 
> however now I can't seem to connect it the director.  I am using the 
> same conf file as before. The director starts without any error messages 
> but the console can't connect nor when I telnet to localhost with port 
> 9101, it won't connect.  Any ideas of what may be happening?
>   
Never mind, I figured it out.  My pid directory was configured wrong.  
Everything appears to be working now.  Thanks for the help.


-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Data Encryption With Bacula, Grant
Next by Date:  [Bacula-users] eject DLT, Roy Kidder
Previous by Thread:  Re: [Bacula-users] Data Encryption With Bacula, Grant
Next by Thread:  Re: [Bacula-users] [Bacula-devel] Alternative DB structures-Proposal, Kern Sibbald
Indexes:  [Date] [Thread] [Top] [All Lists]