Provided by: amanda-common_3.5.1-9_amd64 bug

NAME

       amanda-auth-ssl - SSL Communication/Authentication methods between Amanda server and
       client

DESCRIPTION

       This authenticate method use ssl certificate to authenticate host, all transfer over the
       network is encrypted.

       Each amanda client/server must have its own certificate signed by the amanda CA
       certificate.

COMPILATION AND GENERAL INFORMATION

       Amanda must be configure with --with-ssl-security

SERVER/CLIENT CONFIGURATION

       In amanda.conf and amanda-client.conf.

       ssl-dir
           The directoty where amanda store all the certificates. A good value is ~/amanda-ssl.

       ssl-check-certificate-host
           Check the peer hostname match the certificate host name.

       ssl-check-fingerprint
           Check the fingerprint of the certificate is the same as the fingerprint we already
           have for that host.

       ssl-check-host
           Do the bsd check, dns name of peer IP is the hostname we connect to.

FILESYSTEM LAYOUT FOR CERTIFICATES

       $SSL_DIR/CA/crt.pem                   # CA certificate that signed
                                               all certificates.
       $SSL_DIR/CA/private/key.pem           # CA private key
                                               (on server only)
       $SSL_DIR/me/crt.pem                   # public certificate of the host
       $SSL_DIR/me/private/key.pem           # private key of the host
       $SSL_DIR/me/fingerprint               # fingerprint of my certificate
       $SSL_DIR/remote/HOSTNAME/fingerprint  # fingerprint of the HOSTNAME
                                               certificate

       On the HOSTNAME host, $SSL_DIR/remote/HOSTNAME is a symbolic link to ../me.

PROGRAM TO HELP CONFIGURATION

       The amssl program is a tool to manage the certificate.

SEE ALSO

       amanda(8), amanda.conf(5), amanda-client.conf(5), disklist(5), amdump(8), amrecover(8),
       amssl(8), amanda-auth(7)

       The Amanda Wiki: : http://wiki.zmanda.com/

AUTHORS

       Jean-Louis Martineau <martineau@zmanda.com>
           Zmanda, Inc. (http://www.zmanda.com)

       Dustin J. Mitchell <dustin@zmanda.com>
           Zmanda, Inc. (http://www.zmanda.com)

       Paul Yeatman <pyeatman@zmanda.com>
           Zmanda, Inc. (http://www.zmanda.com)