Linux

使用 SSH 的 Amanda 備份使客戶端和本地主機都失敗

  • April 30, 2013

我正在嘗試讓 Amanda 使用 SSH 身份驗證。在我將它安裝在伺服器上並使用硬碟作為磁帶進行基本配置後,我啟動並執行它,但沒有客戶端支持。但至少我確實在我的本地機器上得到了備份。

然後我想讓它與 SSH 和 ssh-keys 一起工作。困擾我的一件事是我的本地備份不再起作用:

backup@backup-test:~$ amcheck DailySet1
Amanda Tape Server Host Check
-----------------------------
Holding disk /dumps/: 144007168 kB disk space available, using 144007168 kB
found in slot 2: volume 'DailySet1-02'
slot 2: volume 'DailySet1-02' is still active and cannot be overwritten
found in slot 3: volume 'DailySet1-03'
slot 3: volume 'DailySet1-03' is still active and cannot be overwritten
found in slot 4: volume 'DailySet1-04'
slot 4: volume 'DailySet1-04'
Will write to volume 'DailySet1-04' in slot 4.
NOTE: skipping tape-writable test
NOTE: info dir /etc/amanda/DailySet1/curinfo/localhost/_etc_xinetd.d_ does not exist
NOTE: it will be created on the next run.
NOTE: index dir /etc/amanda/DailySet1/index/localhost/_etc_xinetd.d_ does not exist
NOTE: it will be created on the next run.
NOTE: host info dir /etc/amanda/DailySet1/curinfo/10.0.10.17 does not exist
NOTE: it will be created on the next run.
NOTE: index dir /etc/amanda/DailySet1/index/10.0.10.17 does not exist
NOTE: it will be created on the next run.
NOTE: host info dir /etc/amanda/DailySet1/curinfo/10.0.10.19 does not exist
NOTE: it will be created on the next run.
NOTE: index dir /etc/amanda/DailySet1/index/10.0.10.19 does not exist
NOTE: it will be created on the next run.
Server check took 2.473 seconds
Warning: Permanently added '127.0.0.1' (ECDSA) to the list of known hosts.
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
Permission denied (publickey,password).
*****************************************************************************

                           NOTICE TO USERS

    WARNING! The use of this system is restricted to authorized users.

      All information and communications on this system are subject
            to review, monitoring and recording at any time,
          without notice or premission. Users should have no
                      expectation of privacy.

*****************************************************************************
Permission denied (publickey,password).
*****************************************************************************

                           NOTICE TO USERS

    WARNING! The use of this system is restricted to authorized users.

      All information and communications on this system are subject
            to review, monitoring and recording at any time,
          without notice or premission. Users should have no
                      expectation of privacy.

*****************************************************************************
Permission denied (publickey,password).

Amanda Backup Client Hosts Check
--------------------------------
WARNING: 127.0.0.1: selfcheck request failed: EOF on read from 127.0.0.1
WARNING: localhost: selfcheck request failed: EOF on read from localhost
WARNING: 10.0.10.19: selfcheck request failed: EOF on read from 10.0.10.19
WARNING: 10.0.10.17: selfcheck request failed: EOF on read from 10.0.10.17
Client check: 4 hosts checked in 0.457 seconds.  4 problems found.

(brought to you by Amanda 3.3.0)

是的,我知道我有兩個本地主機地址,但我也想確保這不是名稱錯誤。

如您在上面看到的另一部分是遠端客戶端上的 EOF 錯誤。一切都在同一個網路中,並且都是同一主機伺服器上的虛擬機。SSH 對於我使用的使用者來說是雙向的。我也看到了所有權限。這是我的 amcheck 日誌的範例:

Sun Apr 28 17:01:27 2013: amcheck: pid 30886 ruid 0 euid 34 version 3.3.0: start at Sun Apr 28 17:01:27 2013
Sun Apr 28 17:01:27 2013: amcheck: pid 30886 ruid 0 euid 34 version 3.3.0: rename at Sun Apr 28 17:01:27 2013
Sun Apr 28 17:01:27 2013: amcheck-clients: security_getdriver(name=ssh) returns 0x7f47b4fb9840
Sun Apr 28 17:01:27 2013: amcheck-clients: security_handleinit(handle=0x8fbb80, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: security_streaminit(stream=0x901c80, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: exec: /usr/bin/ssh SSH_OPTIONS -l backup -p 22 -i /var/backups/.ssh/id_rsa 127.0.0.1 /usr/lib/amanda/amandad -auth=ssh
Sun Apr 28 17:01:27 2013: amcheck-clients: tcpm_send_token: data is still flowing
Sun Apr 28 17:01:27 2013: amcheck-clients: security_getdriver(name=ssh) returns 0x7f47b4fb9840
Sun Apr 28 17:01:27 2013: amcheck-clients: security_handleinit(handle=0x8fd9f0, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: security_streaminit(stream=0x909ce0, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: exec: /usr/bin/ssh SSH_OPTIONS -l backup -p 22 -i /var/backups/.ssh/id_rsa localhost /usr/lib/amanda/amandad -auth=ssh
Sun Apr 28 17:01:27 2013: amcheck-clients: tcpm_send_token: data is still flowing
Sun Apr 28 17:01:27 2013: amcheck-clients: security_getdriver(name=ssh) returns 0x7f47b4fb9840
Sun Apr 28 17:01:27 2013: amcheck-clients: security_handleinit(handle=0x8fe5f0, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-server: Spawning "/usr/lib/amanda/amcheck-device /usr/lib/amanda/amcheck-device DailySet1" in pipeline
Sun Apr 28 17:01:27 2013: amcheck-clients: security_streaminit(stream=0x911d40, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: exec: /usr/bin/ssh SSH_OPTIONS -l backup -p 22 -i /var/backups/.ssh/id_rsa 10.0.10.17 /usr/lib/amanda/amandad -auth=ssh
Sun Apr 28 17:01:27 2013: amcheck-clients: tcpm_send_token: data is still flowing
Sun Apr 28 17:01:27 2013: amcheck-clients: security_getdriver(name=ssh) returns 0x7f47b4fb9840
Sun Apr 28 17:01:27 2013: amcheck-clients: security_handleinit(handle=0x8ff420, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: security_streaminit(stream=0x919da0, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: exec: /usr/bin/ssh SSH_OPTIONS -l backup -p 22 -i /var/backups/.ssh/id_rsa 10.0.10.19 /usr/lib/amanda/amandad -auth=ssh
Sun Apr 28 17:01:27 2013: amcheck-clients: tcpm_send_token: data is still flowing
Sun Apr 28 17:01:27 2013: amcheck-clients: security_stream_seterr(0x901c80, SOCKET_EOF)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_seterror(handle=0x8fbb80, driver=0x7f47b4fb9840 (SSH) error=EOF on read from 127.0.0.1)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_close(handle=0x8fbb80, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: security_stream_close(0x901c80)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_stream_seterr(0x909ce0, SOCKET_EOF)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_seterror(handle=0x8fd9f0, driver=0x7f47b4fb9840 (SSH) error=EOF on read from localhost)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_close(handle=0x8fd9f0, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: security_stream_close(0x909ce0)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_stream_seterr(0x919da0, SOCKET_EOF)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_seterror(handle=0x8ff420, driver=0x7f47b4fb9840 (SSH) error=EOF on read from 10.0.10.19)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_close(handle=0x8ff420, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: security_stream_close(0x919da0)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_stream_seterr(0x911d40, SOCKET_EOF)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_seterror(handle=0x8fe5f0, driver=0x7f47b4fb9840 (SSH) error=EOF on read from 10.0.10.17)
Sun Apr 28 17:01:27 2013: amcheck-clients: security_close(handle=0x8fe5f0, driver=0x7f47b4fb9840 (SSH))
Sun Apr 28 17:01:27 2013: amcheck-clients: security_stream_close(0x911d40)
Sun Apr 28 17:01:29 2013: amcheck-server: userbad: 0
Sun Apr 28 17:01:29 2013: amcheck-server: confbad: 0
Sun Apr 28 17:01:29 2013: amcheck-server: tapebad: 0
Sun Apr 28 17:01:29 2013: amcheck-server: disklow: 0
Sun Apr 28 17:01:29 2013: amcheck-server: logbad: 0
Sun Apr 28 17:01:29 2013: amcheck-server: infobad: 0
Sun Apr 28 17:01:29 2013: amcheck-server: indexbad: 0
Sun Apr 28 17:01:29 2013: amcheck-server: pgmbad: 0
Sun Apr 28 17:01:29 2013: amcheck: pid 30886 finish time Sun Apr 28 17:01:29 2013

配置 amanda.conf:

org             "DailySet1"  # your organization name for reports
mailto          "root@localhost"  # space separated list of operators at your site
dumpuser        "backup"       # the user to run dumps under

logdir   "/etc/amanda/DailySet1/logs"           # log directory
infofile "/etc/amanda/DailySet1/curinfo"        # database filename
indexdir "/etc/amanda/DailySet1/index"          # index directory
tapelist "/etc/amanda/DailySet1/tapelist"       # list of used tapes

tapecycle 9 tapes
tapetype DISK
tpchanger "chg-disk"
changerfile "/etc/amanda/DailySet1/changer" # needed by amlabel
tapedev "file:/space/vtapes/DailySet1/slots"

define tapetype DISK {
 comment "Backup to HD"
 length 5 gbytes
}

# comment holding disk section if needed
holdingdisk hd1 {
 directory "/dumps/"
}

# to be used by any other dumptype
define dumptype global {
 comment "Global definitions"
 index yes
 record yes
 auth "ssh"
 ssh_keys "/var/backups/.ssh/id_rsa"
 client_username "backup"
}

define dumptype daily {
 global
 comment "daily dumptype"
 compress client fast
 program "GNUTAR"
 strategy standard
 priority high
 exclude list "/etc/amanda/DailySet1/global-debian-exclude.list"
}

配置 amandahosts:

10.0.0.129 backup amindexd amidxtaped
10.0.0.129 backup amdump
localhost backup amindexd amidxtaped
localhost backup amdump
10.0.10.17 backup amindexd amidxtaped
10.0.10.17 backup amdump
10.0.10.19 backup amindexd amidxtaped
10.0.10.19 backup amdump

來自客戶端的日誌:

Sun Apr 28 17:01:27 2013: amandad: pid 32239 ruid 34 euid 34 version 3.3.0: start at   Sun Apr 28 17:01:27 2013
Sun Apr 28 17:01:27 2013: amandad: "/etc/amanda/amanda-client.conf", line 2: a quoted string is expected
Sun Apr 28 17:01:27 2013: amandad: "/etc/amanda/amanda-client.conf", line 2: end of line is expected

閱讀有關此問題的指南和論壇後,我一無所知。希望這裡有人可能有線索。

那麼,是伺服器本身缺少 ssh 密鑰的問題嗎?如果您的問題是這樣,請將其標記為已解決,以便其他人可以從您的經驗中受益。

引用自:https://serverfault.com/questions/503335