Re: [Bacula-users] client/server passwords

Thu, 07 May 2015 00:17:34 -0700 

Thanks Bill!  I appreciate the help and information.  Looks like I have
some reading to do.

-craig

On Wed, May 6, 2015 at 3:07 PM, Bill Arlofski <waa-bac...@revpol.com> wrote:

> On 05/05/2015 10:18 PM, Craig Shiroma wrote:
> > Hi Romeo,
> >
> > Thanks!  Just so I understand correctly...
> > The bacula-fd running on the clients communicate with the bacula server
> using
> > the password in client's bacula-fd.conf.  This authentication on the
> "wire" is
> > actually encrypted.  Is this correct?
> >
> > -craig
>
> Hi Craig,
>
> Keep in mind that all of the actual backup data and other communications is
> unencrypted unless TLS between daemons is configured in Bacula: DIR->SD,
> DIR->FD, FD->SD, bconsole->DIR, (and SD->FD in the case of SD calls Client)
>
> One simple method to encrypt communications between daemons is to use an
> excellent open-source tool called "stunnel" (documented in the Bacula
> misc.pdf
> manual)
>
> Depending on your requirements, stunnel, a VPN (IPsec, OpenVPN or other),
> ssh
> tunnels, or a full-blown TLS deployment are all possible options to secure
> Bacula's daemon<-->daemon communications.
>
> Some are more complex and time consuming to implement than others, but may
> be
> more (verifiably) secure, so these considerations need to be a part of the
> requirements discussion. :)
>
> Bill
>
>
>
> --
> Bill Arlofski
> Reverse Polarity, LLC
> http://www.revpol.com/
> -- Not responsible for anything below this line --
>
>
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> Bacula-users mailing list
> Bacula-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bacula-users
>

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Bacula-users mailing list
Bacula-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bacula-users

Reply via email to