In answer to my request for suggestions as to why Amanda 2.5.1 doesn't seem to work with auth=ssh on our network, Jean-Louis Martineau <[EMAIL PROTECTED]> writes:
> Anything about ssh in your system log? Nothing in /var/log/syslog of the client. However, in /var/log/auth.log, the following is the typical result of an amcheck of that client (manche): Sep 20 11:26:16 manche sshd[9614]: Accepted publickey for amanda from 192.168.1.2 port 40157 ssh2 Sep 20 11:26:16 manche sshd[9616]: (pam_unix) session opened for user amanda by (uid=0) Sep 20 11:26:25 manche sshd[9616]: (pam_unix) session closed for user amanda ...and that's all. (I don't know why the above says uid=0. Everywhere on our network, including on host "manche", user "amanda" is uid 1003.) > Could you ssh from the server to the client without amanda? Yes. No data comes back, which I suppose is normal, given that the login is locked to amandad on the client, as the instructions suggest. Anyway, the login evidently succeeds. > Did it create /tmp/amanda/amanda/amandad.*.debug files? Yes, here's a typical one: amandad: debug 1 pid 30936 ruid 1003 euid 1003: start at Tue Sep 19 17:15:50 2006 security_getdriver(name=ssh) returns 0xa7f7c260 amandad: version 2.5.1 amandad: build: VERSION="Amanda-2.5.1" amandad: BUILT_DATE="Tue Sep 19 16:43:08 EDT 2006" amandad: BUILT_MACH="Linux manche 2.6.16-2-686 #1 Fri Aug 18 19:01:49 UTC 2006 i686 GNU/Linux" amandad: CC="gcc" amandad: CONFIGURE_COMMAND="'./configure' '--prefix=/usr/amanda' '--sysconfdir=/etc' '--localstatedir=/var/amanda' '--with-user=amanda' '--with-group=disk' '--with-config=coolheads' '--with-ssh-security' '--with-buffered-dump' '--without-server'" amandad: paths: bindir="/usr/amanda/bin" sbindir="/usr/amanda/sbin" amandad: libexecdir="/usr/amanda/libexec" mandir="/usr/amanda/man" amandad: AMANDA_TMPDIR="/tmp/amanda" AMANDA_DBGDIR="/tmp/amanda" amandad: CONFIG_DIR="/etc/amanda" DEV_PREFIX="/dev/" amandad: RDEV_PREFIX="/dev/" DUMP=UNDEF RESTORE=UNDEF VDUMP=UNDEF amandad: VRESTORE=UNDEF XFSDUMP=UNDEF XFSRESTORE=UNDEF VXDUMP=UNDEF amandad: VXRESTORE=UNDEF SAMBA_CLIENT="/usr/bin/smbclient" amandad: GNUTAR="/bin/tar" COMPRESS_PATH="/bin/gzip" amandad: UNCOMPRESS_PATH="/bin/gzip" LPRCMD="/usr/bin/lpr" amandad: MAILER="/usr/bin/Mail" amandad: listed_incr_dir="/var/amanda/amanda/gnutar-lists" amandad: defs: DEFAULT_SERVER="manche" DEFAULT_CONFIG="coolheads" amandad: DEFAULT_TAPE_SERVER="manche" HAVE_MMAP HAVE_SYSVSHM amandad: LOCKING=POSIX_FCNTL SETPGRP_VOID DEBUG_CODE amandad: AMANDA_DEBUG_DAYS=4 BSD_SECURITY RSH_SECURITY USE_AMANDAHOSTS amandad: CLIENT_LOGIN="amanda" FORCE_USERID HAVE_GZIP amandad: COMPRESS_SUFFIX=".gz" COMPRESS_FAST_OPT="--fast" amandad: COMPRESS_BEST_OPT="--best" UNCOMPRESS_OPT="-dc" ...and that's all it says. I tried compiling it for the client both with and without buffered dump. Also, with and without server. Same result in all cases. Thanks for the use of your brain, Jean-Louis! -- Steve Steven R. Newcomb, Consultant Coolheads Consulting Co-editor, Topic Maps International Standard (ISO/IEC 13250) Co-editor, draft Topic Maps -- Reference Model (ISO/IEC 13250-5) [EMAIL PROTECTED] http://www.coolheads.com direct: +1 540 951 9773 main: +1 540 951 9774 fax: +1 540 951 9775 208 Highview Drive Blacksburg, Virginia 24060 USA (Confidential to all US government personnel to whom this private letter is not addressed and who are reading it in the absence of a specific search warrant: You are violating the law and you are co-conspiring to subvert the Constitution that you are sworn to defend. You can either refuse to commit this crime, or you can expect to suffer criminal sanctions in the future, when the current administration of the United States of America has been replaced by one that respects the rule of law. I do not envy you for having to make this difficult choice, but I urge you to make it wisely.)