====== Amanda client installation (Debian 6) ======
The Amanda client is installed on remote machines which you'd like to backup. The "server" in this case is the machine which is connected to the tape drive, and is the one responsible for initiating backups.

Download page: http://www.zmanda.com/download-amanda.php

====== Install ======

===== Download =====
Download Amanda client package for Debian 6: http://www.zmanda.com/download-amanda.php

<code>wget http://www.zmanda.com/downloads/community/Amanda/3.3.1/Debian-6.0/amanda-backup-client_3.3.1-1Debian60_amd64.deb</code>

===== Install pre-requisites =====
The Amanda package depends on various other packages, install them before trying to install Amanda:

<code>sudo apt-get update
sudo apt-get install libcurl3 xinetd libssh2-1 libglib2.0-0</code>
===== Install Amanda =====
<code>sudo dpkg -i amanda-backup-client_3.3.1-1Debian60_amd64.deb</code>

====== Configure ======

===== Client =====

==== SSH keys for backup ====
The Amanda server will connect to the client as the user ''amandabackup'' using SSH.  To make this process as seamless as possible, we need to configure password-less authentication using SSH keys.  See the [[http://wiki.zmanda.com/index.php/How_To:Set_up_transport_encryption_with_SSH|Amanda wiki on SSH auth]] for more details.

In a nutshell, you need to put the server's amdump SSH public key into the client's ''authorized_keys'' file.  Grab it from the backup server at //~amandabackup/.ssh/id_rsa_amdump.pub// and then paste it into the client's //~amandabackup/.ssh/authorized_keys// file:

<code>sudo su - amandabackup
vim .ssh/authorized_keys</code>

=== More security ===

For more security, prepend the key entry in //~amandabackup/.ssh/authorized_keys// with:
<code>from="192.168.5.25",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/usr/libexec/amanda/amandad -auth=ssh amdump" </code>

This limits the use of this key to the backup server's IP, as well as the amdump command.

==== amanda-client.conf ====
Configure the client's ///etc/amanda/amanda-client.conf// to specify the appropriate server, config, tape, etc:
<file>conf "daily"               # your config name

index_server "192.168.5.25"      # your amindexd server
tape_server  "192.168.5.25"      # your amidxtaped server
tapedev      "amrecover_changer"        # your tape device
                        # if not set, Use configure or ask server.
                        # if set to empty string "", ask server
                        # amrecover will use the changer if set to the value
                        # of 'amrecover_changer' in the server amanda.conf.

#   auth        - authentication scheme to use between server and client.
#                 Valid values are "bsd", "bsdudp", "bsdtcp", "krb5", "local",
#                 "rsh" and "ssh".  
#                 Default: [auth "bsdtcp"]
auth "ssh"

ssh_keys ""                        # your ssh keys file if you use ssh auth</file>

This is used when restoring data on the client (with ''amrecover'').  ''amrecover'' runs as root, and as such you need to add the client's 

==== Prepare amrecover ====

The first time you run amrecover it will try to SSH to the server.  You need to do this manually to accept the server's fingerprint:

<code>root@odk:~# ssh 192.168.5.25
The authenticity of host '192.168.5.25 (192.168.5.3)' can't be established.
RSA key fingerprint is dc:80:d2:a1:da:16:b8:b5:1e:47:15:16:29:4c:be:89.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.5.25' (RSA) to the list of known hosts.
root@192.168.5.25's password:

root@odk:~# ^C</code>

To connect and type "yes" is enough.  Don't bother logging in.
===== Server =====

==== Disk lists ====
Add the new client's disks to be backed up to the server's disk list, ///etc/amanda/taurustest/disklist//:
<code># tparvadb, web server
# must use the custom "ssh" backup type (see amanda.conf)
192.168.5.8     /       ssh-root-tar
192.168.5.8     /var    ssh-root-tar
192.168.5.8     /home   ssh-user-tar</code>

Make sure to use the "ssh" backup types (defined in ///etc/amanda/daily/amanda.conf//), as the default ''root-tar'' and ''user-tar'' are for local disks only.

==== SSH keys for recovery ====
Because ''amrecover'' runs as root, you need to copy root's ''id_rsa.pub'' to the server.  Grab it from the client at and then paste it into the server's //~amandabackup/.ssh/authorized_keys// file:

<code>sudo su - amandabackup
vim .ssh/authorized_keys</code>

=== More security ===
For more security, prepend the key entry in //~amandabackup/.ssh/authorized_keys// with:

<code>from="192.168.5.8",no-port-forwarding,no-X11-forwarding,no-agent-forwarding,command="/usr/libexec/amanda/amandad -auth=ssh amindexd amidxtaped" </code>

This limits the use of this key to the client's IP, as well as the recovery-only commands.
====== Test ======

==== amcheck ====
From the server, make sure the new client can be accessed:

<code>sudo su - amandabackup
amcheck -c daily 192.168.5.8</code>

You should see "0 problems found".  This means that the server should be able to backup the client successfully.

==== amrecover ====
From the client, make sure the server can be accessed:

<code>sudo su -
amrecover
sethost 192.168.5.8
listdisk</code>

You should be able to use ''sethost'' to set the hostname you want to restore.  Use ''listdisk'' and ''setdisk'' to browse any backups for that host.