Hello Bacula Users,

I am trying pki signatures without pki encryption off.
In my fd config I have

FileDaemon {
        Name = x-fd
        ...
        pki signatures = yes
        pki encryption = no
        pki keypair = /etc/pki/tls/private/x-fd.pem # with CN=x-fd
}

I have a second machine y-fd with equivalent config.

I make a Backup of x-fd.

I do a restore of this backup but I change the restore host to y-fd, and
it works, and that surprises me because y-fd should not be able to
verify the signature made with the private key from x-fd, it does not
know the public key of x-fd, right?

I wonder how this is supposed to work.
+
I don't even know if a signature was made in the first place and how to
verify that.

-- 
Kind Regards, Markus Falb


------------------------------------------------------------------------------
Monitor Your Dynamic Infrastructure at Any Scale With Datadog!
Get real-time metrics from all of your servers, apps and tools
in one place.
SourceForge users - Click here to start your Free Trial of Datadog now!
http://pubads.g.doubleclick.net/gampad/clk?id=241902991&iu=/4140
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users