source-git / amanda

Clone
Source Code
GIT

Files

c8 c8s master
  1.   c8s
  2.   man
  3.   amcrypt.8
Blob Blame History Raw 
'\" t
.\"     Title: amcrypt
.\"    Author: Kevin Till <kevin.till@zmanda.com>
.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
.\"      Date: 12/01/2017
.\"    Manual: System Administration Commands
.\"    Source: Amanda 3.5.1
.\"  Language: English
.\"
.TH "AMCRYPT" "8" "12/01/2017" "Amanda 3\&.5\&.1" "System Administration Commands"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
amcrypt \- reference crypt program for Amanda symmetric data encryption
.SH "SYNOPSIS"
.HP \w'\fBamcrypt\fR\ 'u
\fBamcrypt\fR
.SH "DESCRIPTION"
.PP
\fBamcrypt\fR
requires
\fBaespipe\fR,
\fBuuencode\fR
and
\fBgpg\fR
to work\&. Aespipe is available from
: http://loop-aes.sourceforge.net
.PP
\fBamcrypt\fR
will search for the aespipe program in the following directories: /usr/bin:/usr/local/bin:/sbin:/usr/sbin\&.
.PP
\fBamcrypt\fR
calls
\fBamaespipe\fR
and pass the
\fBpassphrase\fR
through file descriptor 3\&. The passphrase should be stored in ~amanda/\&.am_passphrase\&.
.SH "HOW TO CREATE ENCRYPTION KEYS FOR AMCRYPT"
.PP
1\&. Create 65 random encryption keys and encrypt those keys using gpg\&. Reading from /dev/random may take indefinitely long if kernel\*(Aqs random entropy pool is empty\&. If that happens, do some other work on some other console (use keyboard, mouse and disks)\&.
.PP
head \-c 2925 /dev/random | uuencode \-m \- | head \-n 66 | tail \-n 65 \e | gpg \-\-symmetric \-a > ~amanda/\&.gnupg/am_key\&.gpg
.PP
This will ask for a passphrase\&. Remember this passphrase as you will need it in the next step\&.
.PP
2\&. Store the passphrase inside the home\-directory of the AMANDA\-user and protect it with proper permissions:
.nf
echo my_secret_passphrase > ~amanda/\&.am_passphrase
chown amanda:disk ~amanda/\&.am_passphrase
chmod 700 ~amanda/\&.am_passphrase
.fi
.SH "KEY AND PASSPHRASE"
.PP
\fBamcrypt\fR
uses the same key to encrypt and decrypt data\&.
.PP
It is very important to store and protect the key and the passphrase properly\&. Encrypted backup data can
\fBonly\fR
be recovered with the correct key and passphrase\&.
.SH "SEE ALSO"
.PP
\fBamanda\fR(8),
\fBamanda.conf\fR(5),
\fBaespipe\fR(1),
\fBamaespipe\fR(8),
\fBgpg\fR(1)
.PP
The Amanda Wiki:
: http://wiki.zmanda.com/
.SH "AUTHOR"
.PP
\fBKevin Till\fR <\&kevin\&.till@zmanda\&.com\&>
.RS 4
Zmanda, Inc\&. (http://www\&.zmanda\&.com)
.RE

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation