Re: [TCLUG:19811] Amanda encryption/security?

[Carl Wilhelm Soderstrom <chrome@real-time.com>]

> http://utcc.utoronto.ca/~pkern/stuff/amanda-patch/
> 
> Other references that I've found so far seem to indicate that encryption
> will be enabled in the 2.5.x series of Amanda, but I don't know when
> that will appear.
	based on what I saw of the developers' presentation, 2.5 is the technology of the future; always has been, always will be... ;>

	the current thinking is to run the traffic over a VPN tunnel of some sort.

> (Apparently, Linux's dump(8) program can handle SSH, just FYI.)  
	really? I looked at it a while ago, and didn't think it handled SSH at the time. cool that it does.
	now we just need to get SSH support into 'tar'. (it already will work over the r* connection)

>Would you recommend Amanda (apart from the encryption issue)?
	depends what you want to do with it.
	for casual users and those who have tape drives on each machine; I think it's entirely more complex than it needs to be. plain scripts using dump or tar (or cpio or afio) are much simpler and easier to understand.
	when doing backups/restores over a network, tho; it starts to make sense. this is what it's primarily designed to do; and has a lot of intelligent and useful features for this (local caching before writing to disk, intelligent scheduling).
	when dealing with an enterprise-scale environment; it's very good. it would seem to work well with tape changers, and the massively parallelizable, balanceable, and configurable network backup capabilities make it more than adequate. 

that said, I have no experience with Legato or Veritas' products; so I don't know how well it compares to them.

Carl Soderstrom
-------------------------------------------------------
Network Engineer
Real-Time Enterprises
(612) 943-8700