On Mon, 13 May 2019 00:31:04 +0200 Uwe Menges <[email protected]> wrote:
> > cp -rp /root/.ssh /home/amandabackup > > This copies also root's private key(s) and authorized_keys and config, > which is not desired. You should probably create at least one separate > key pair for amandabackup (it's up to you if you create a separate key > for each client and maintain ~amandabackup/.ssh/authorized_keys for > each client). You would be correct if root had any of those things. This is a minimally populated virtual machine, and so far I have not generated keys for root. So all root has is authorized_keys, which the backup user may also want. When I get around to testing on that VM, I may generate keys. In that event, I will adjust the script. > > > And I'm not sure I need the .ssh in there. Does amanda ever use that > > user? > > I believe amanda would use ssh if you configure it with ssh auth. Right. But so far it has not. It appears that compiling amanda does not require that user. Running it of course does require a user. But on debian, that user is backup:backup. Thanks for the feedback! -- "When we talk of civilization, we are too apt to limit the meaning of the word to its mere embellishments, such as arts and sciences; but the true distinction between it and barbarism is, that the one presents a state of society under the protection of just and well-administered law, and the other is left to the chance government of brute force." - The Rev. James White, Eighteen Christian Centuries, 1889 Key fingerprint = CE5C 6645 A45A 64E4 94C0 809C FFF6 4C48 4ECD DFDB https://charlescurley.com
