I had some headaches switching to SSH. The good news is that I succeeded eventually and that it was well worth the trouble. When amdump fails, it is remarkably unhelpful, and as far as can be told, it's a timeout problem. But it's *not* a timeout problem.
If you really want to know what's going wrong with your SSH-mediated amdump invocations, do this: * On the amanda client machine, as super-user, stop the sshd daemon. * One the amanda client machine, as super-user, run the sshd daemon interactively, with the -d option, in a terminal window. * Now run amdump on the amanda host machine and see what is reported by your ssh -d process on the client. What I found was that the amanda host machine was identifying itself in a way that I didn't expect, and that the amanda client machine didn't know about that name for that host. It was easy to fix, but it was impossible to debug except via the above-described technique. You may have this problem, or other problems, but ssh -d will tell you all you need to know. FYI, here is an entry for user "amanda" on one of my amanda client machines as found in its /home/amanda/.ssh/authorized_keys file: from="manche,manche.coolheads.com,192.168.1.3,24.127.46.164,c-24-127-46-164.hsd1.va.comcast.net",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/home/amanda/libexec/amandad -auth=ssh amdump" ssh-rsa [user rsa key here] It may be overkill, but I identified the host machine in *all* the ways that it might identify itself. Before I ran ssh -d, I didn't know them all. Interesting, huh? Note also that when the amanda host machine attempts to dump itself via ssh, its hostname, for ssh purposes, may be "localhost" and/or "127.0.0.1". For example, here's an entry in my /home/amanda/.ssh/known_hosts file on my amanda host machine: manche,manche.coolheads.com,192.168.1.3,24.127.46.164,c-24-127-46-164.hsd1.va.comcast.net,localhost,127.0.0.1 ssh-rsa [host's own rsa key here] Hope that helps! Gene Heskett <[EMAIL PROTECTED]> writes: > On Thursday 01 February 2007 11:02, Stephen Carville wrote: > >I am trying to get ssh authenticaion working on the amanda server to > >itself. Amcheck -lc gives me a clean bill of health but the backups > >still fail. The older 2.4.5 clients using BSD security still work fine > >but the SSH eludes me. > > > I believe the FAQ or wiki has instructions on how to change the security > model over, Stephan. I'd offer to help, but its been quite some time > back up the log that I did it, and without consulting the FAQ or wiki, I > know I'd leave something out. > > -- > Cheers, Gene > "There are four boxes to be used in defense of liberty: > soap, ballot, jury, and ammo. Please use in that order." > -Ed Howdershelt (Author) > Yahoo.com and AOL/TW attorneys please note, additions to the above > message by Gene Heskett are: > Copyright 2007 by Maurice Eugene Heskett, all rights reserved. > > > -- -- Steve Steven R. Newcomb, Consultant Coolheads Consulting Co-editor, Topic Maps International Standard (ISO/IEC 13250) Co-editor, draft Topic Maps -- Reference Model (ISO/IEC 13250-5) [EMAIL PROTECTED] http://www.coolheads.com direct: +1 540 951 9773 main: +1 540 951 9774 fax: +1 540 951 9775 208 Highview Drive Blacksburg, Virginia 24060 USA (Confidential to all US government personnel to whom this private letter is not addressed and who are reading it in the absence of a specific search warrant: In keeping with the publicly-confessed criminal conduct of the Bush administration, and with the irresponsible actions of the pusillanimous and corrupt 109th Congress, you are co-conspiring to subvert the Constitution that you are sworn to defend. You can either refuse to commit this crime, or you can expect to suffer criminal sanctions in the future, when the Executive Branch of the government of the United States of America once again demonstrates respect for the rule of law. I do not envy you for having to make this difficult choice, but I urge you to make it wisely.)
