Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Self Service Configuration Guide
  3. Configuring a NetBackup primary server
  4. Enabling communication with a UNIX NetBackup primary server
NetBackup™ Self Service Configuration Guide

Enabling communication with a UNIX NetBackup primary server

Note:

This section is only required for pre-NetBackup 10.3 versions. For NetBackup 10.3 and later it is not required.

NetBackup Self Service uses Secure Shell (SSH) to communicate with a UNIX NetBackup primary server. The configuration of SSH is outside the scope of this guide. NetBackup Self Service, however, requires the credentials to communicate with the SSH server on the primary server.

  • By default SSH uses Port 22.

    To specify a different port, set the server name to server_name:port_number. For example, MyServer:23.

  • The user account that NetBackup Self Service uses to logon to SSH on the primary server needs sudo configuration:

    • The user account should not use requiretty.

    • The user account should not require a sudo password.

    • With sudo, the user account should run all commands in /usr/openv/netbackup/bin and /usr/openv/netbackup/bin/admincmd.

User authentication modes that are supported include:

  • Password

    NetBackup Self Service passes the user name and password at logon.

  • Public key

    The public key of the user is stored in the authorized_keys for the user on the primary server. The private key of the user is stored in OpenSSH format in the NetBackup Self Service portal.

  • Keyboard-interactive

    NetBackup Self Service sends the password for the user to a keyboard-interactive ssh session. The password is sent in response to a configurable password prompt. The default password prompt is Password:.

To configure NetBackup Self Service and the NetBackup primary server for public key authentication

  1. Create a Public Private key pair using a key generator like PuTTYgen.
  2. Log on to the primary server as the required primary server user
  3. Add the public key to the user's authorized_keys file in the primary server's operating system format.
  4. Convert the Private key into OpenSSH format encrypted with a passphrase
    -----BEGIN RSA PRIVATE KEY-----
    Proc-Type: 4,ENCRYPTED
    DEK-Info: DES-EDE3-CBC,997295A8E365412F
    
    SIKdyjX4UoDm03kprqfkCGQYc/thmNIlWYztEomjyRaMyEYlh0ZIC9Kx7XnMNnSk
    ...
    MUxIcZW8d8fF3P4s+OLidxG03H6C/AsGLzJtpecjPQA=
    -----END RSA PRIVATE KEY-----
  5. When you create the backup server in NetBackup Self Service:
    • Choose Public Key for the Authentication.

    • Enter the user account to connect to the primary server in User Account.

    • Paste the encrypted OpenSSH format private key in OpenSSH Private Key.

    • Enter the passphrase in Password and Confirm Password.

More information about testing the connection once you have created your first backup server is available.

See Configuring backup servers.

Feedback

Was this page helpful?
Previous

Enabling communication with a Windows NetBackup primary server

Next

Enabling communication with a NetBackup appliance

Feedback

Was this page helpful?