[Box Backup] Signing Server Certificate Fails.

Ben Summers boxbackup@fluffy.co.uk
Thu, 28 Oct 2004 11:39:34 +0100


On 28 Oct 2004, at 10:35, Nigel Marsh wrote:

> I do not find the install and setup instructions complicated. What I 
> do find
> though is that for a newcomer, a typical client install requires 
> jumping from
> one page to another and then back. The docs on the web site are nicely
> separated by subject but, not by setup. If you had a page that just 
> listed a
> client setup from start to finish, that may aleviate some of the 
> problems
> that some folk are having.

Do you mean a page of instructions, or a page listing the steps with 
links to the information on the other pages? The latter would be 
easiest to keep in step with everything else.

>
> I find that having the backup keys and CA on my laptop in my /home/ca 
> dir
> helps a lot. I have recently bought a usb memory stick and intend to 
> start
> keeping it all on that for security. That will certainly keep it off 
> the net.

Yes, that's certainly a good start!

>
> Again, I have had zero problems with Box Backup and am very happy with 
> the
> current setup.  I run clients successfully on Suse 9.1, Debian Sarge 
> and
> Gentoo with the server on a Suse 9.1 box. I await with anticipation the
> emergence of clients for OSX and Windows.

The Mac OS X port is already perfectly functional, except that it 
doesn't back up the resource forks of files which may be a problem for 
some users. I just need to add multiple stream support into the system, 
and then it will be complete. Not a big job, but I haven't quite yet 
decided on the best way of doing it, and it isn't the highest priority 
at the moment.

>
> As an aside. I have not seen this mentioned but just if anyone is 
> interested.
> My clients are small businesses that tend to be between 5 and 100 
> employees
> that have one or two servers. All backup is done to our office over 
> the net.
> As some of the larger clients are backing up, up to 100G, I keep a 
> clone of
> the backup server on my laptop for initial backup on their own LAN.  
> The
> laptop backs up to a firewire drive and the client account and backed 
> up data
> is then just copied to the server back at the office.  For this initial
> backup I edit the clients /etc/hosts file to tell it that the backup 
> servers
> name resolves to the laptop on the local LAN and remove the entry once 
> done.

Yes, this is a good solution. Note that you don't have to actually use 
the same server name, as long as both servers are signed by the same 
CA. The only thing which needs to stay the same is the account number. 
So you could configure against the laptop, then change the name of the 
server in the bbackupd.conf file afterwards, rather than messing around 
with /etc/hosts files. Keeps everything in one place.

Ben