[Box Backup] Signing Server Certificate Fails.
Ben Summers
boxbackup@fluffy.co.uk
Thu, 28 Oct 2004 11:39:34 +0100
On 28 Oct 2004, at 10:35, Nigel Marsh wrote:
> I do not find the install and setup instructions complicated. What I
> do find
> though is that for a newcomer, a typical client install requires
> jumping from
> one page to another and then back. The docs on the web site are nicely
> separated by subject but, not by setup. If you had a page that just
> listed a
> client setup from start to finish, that may aleviate some of the
> problems
> that some folk are having.
Do you mean a page of instructions, or a page listing the steps with
links to the information on the other pages? The latter would be
easiest to keep in step with everything else.
>
> I find that having the backup keys and CA on my laptop in my /home/ca
> dir
> helps a lot. I have recently bought a usb memory stick and intend to
> start
> keeping it all on that for security. That will certainly keep it off
> the net.
Yes, that's certainly a good start!
>
> Again, I have had zero problems with Box Backup and am very happy with
> the
> current setup. I run clients successfully on Suse 9.1, Debian Sarge
> and
> Gentoo with the server on a Suse 9.1 box. I await with anticipation the
> emergence of clients for OSX and Windows.
The Mac OS X port is already perfectly functional, except that it
doesn't back up the resource forks of files which may be a problem for
some users. I just need to add multiple stream support into the system,
and then it will be complete. Not a big job, but I haven't quite yet
decided on the best way of doing it, and it isn't the highest priority
at the moment.
>
> As an aside. I have not seen this mentioned but just if anyone is
> interested.
> My clients are small businesses that tend to be between 5 and 100
> employees
> that have one or two servers. All backup is done to our office over
> the net.
> As some of the larger clients are backing up, up to 100G, I keep a
> clone of
> the backup server on my laptop for initial backup on their own LAN.
> The
> laptop backs up to a firewire drive and the client account and backed
> up data
> is then just copied to the server back at the office. For this initial
> backup I edit the clients /etc/hosts file to tell it that the backup
> servers
> name resolves to the laptop on the local LAN and remove the entry once
> done.
Yes, this is a good solution. Note that you don't have to actually use
the same server name, as long as both servers are signed by the same
CA. The only thing which needs to stay the same is the account number.
So you could configure against the laptop, then change the name of the
server in the bbackupd.conf file afterwards, rather than messing around
with /etc/hosts files. Keeps everything in one place.
Ben