Thanks Marcus for all the details. I can in fact do pwd-less ssh for root user and a test user, so that rules out many of the likely problems. But in the meantime I've realized I don't need ssh working, I can use the default bsdtcp since I'm on a secure (enough) local network. The tutorial said to set up ssh, without saying it's not necessary.

-M

On Wed, Nov 13, 2013 at 12:38 PM, Marcus Pless <[email protected]> wrote:

> On my main amanda server I have the following files in ~amanda/.ssh:
>
> config
> id_rsa_amdump
> id_rsa_amdump.pub
> known_hosts
>
> The config file contains:
>
> [amanda ~/.ssh]$ cat config
> Host *
> RhostsRSAAuthentication yes
> HostbasedAuthentication no
> ForwardAgent no
> ForwardX11 no
> Ciphers arcfour,blowfish-cbc
>
> The known_hosts file contains an assortment of
> /etc/ssh/ssh_host_rsa_key.pub keys.
>
> On a typical amanda client ~amanda/.ssh has one file; authorized_keys.
> This file typically contains one line:
>
> from="your_amanda_servername.yourdomain.name",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/path/to/amanda/libexec/amandad -auth=ssh amdump" ssh-rsa contents_of_your_amanda_server:~amanda/.ssh/id_rsa_amdump.pub
>
> Then make sure you're not getting blocked by ipfilters or /etc/hosts.allow.
> I use the username "amanda" on every box and then make sure the hosts.allow
> file accepts sshd connections from amanda@amanda_server.domain.name. You
> might also need to make sure your /etc/ssh/ssh_known_hosts files look
> reasonable.
>
> Hope this helps.
>
> --Marcus
>
> On Tue, 12 Nov 2013, Michael Stauffer wrote:
>
>> Hi, I'm setting up Amanda 3.3.4 (CentOS 6.4), following the "Amanda in 15
>> Minutes" guide (btw, seems like a very optimistic title!).
>>
>> I can't get passwordless ssh working between server and client with the
>> amandabackup user. I've followed the instructions in the doc which were to
>> manually copy the public key, and I've also generated new keys on the
>> server using ssh-keygen and copied them using ssh-copy-id onto the client.
>>
>> It *does* work between these machines as user root, and between other
>> users, and between amandabackup on the server and another user on the
>> client.
>>
>> I read online that someone thought the user on the login machine has to
>> have their home dir in /home (or /root, presumably, for root). What I see so
>> far suggests this might be right, as it works from amandabackup user on
>> the server to another user on the client when the other user has their home
>> dir in /home. However, it also works if I create a user with a home dir in
>> /tmp.
>>
>> I have the ownership and permissions set up correctly for
>> /var/lib/amandabackup/.ssh and its files.
>>
>> Has anyone else seen this issue, or have any ideas?
>>
>> Thanks
>>
>> -M
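
Added example, not part of the original thread and not Amanda's own code: a small Python audit that parses authorized_keys entries and reports which of the restrictions used in the entry quoted above (from=, command= and the three no-* forwarding flags) are missing. The function names and the sample entries are constructed for illustration.

```python
# Added example: audit authorized_keys entries for the restrictions in the thread.
KEY_TYPES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-")
REQUIRED_FLAGS = {"no-port-forwarding", "no-x11-forwarding", "no-agent-forwarding"}

def split_options(line):
    """Return (options dict, remainder) for one authorized_keys line.
    Values may be double-quoted and hold commas, spaces and escaped quotes."""
    line = line.strip()
    if line.startswith(KEY_TYPES):
        return {}, line                       # entry has no options field
    opts, buf, in_quotes, i = {}, [], False, 0
    def flush():
        name, _, value = "".join(buf).partition("=")
        if name:
            opts[name.lower()] = value        # option names are case-insensitive
        buf.clear()
    while i < len(line):
        ch = line[i]
        if in_quotes and ch == "\\" and line[i + 1:i + 2] == '"':
            buf.append('"')                   # escaped quote inside a value
            i += 1
        elif ch == '"':
            in_quotes = not in_quotes
        elif ch == "," and not in_quotes:
            flush()
        elif ch in " \t" and not in_quotes:
            break                             # whitespace ends the options field
        else:
            buf.append(ch)
        i += 1
    flush()
    return opts, line[i:].strip()

def audit(line):
    """List missing restrictions for one key entry; empty list means all present."""
    opts, _ = split_options(line)
    findings = ["no %s= option" % k for k in ("from", "command") if k not in opts]
    return findings + ["missing " + f for f in sorted(REQUIRED_FLAGS - set(opts))]

# Constructed sample entries (the key blob is a placeholder, not a real key).
RESTRICTED = ('from="your_amanda_servername.yourdomain.name",no-port-forwarding,'
              'no-X11-forwarding,no-agent-forwarding,'
              'command="/path/to/amanda/libexec/amandad -auth=ssh amdump" '
              'ssh-rsa PLACEHOLDERKEY amanda@server')
BARE = "ssh-rsa PLACEHOLDERKEY amanda@server"

if __name__ == "__main__":
    for entry in (RESTRICTED, BARE):
        print(audit(entry) or "all restrictions present")
```

Run against a client's ~amanda/.ssh/authorized_keys, an entry written by ssh-copy-id shows up like `BARE`, with none of the restrictions from the quoted line.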
