Enabling communication with a UNIX NetBackup primary server

Note:

This section is only required for pre-NetBackup 10.3 versions. For NetBackup 10.3 and later it is not required.

NetBackup Self Service uses Secure Shell (SSH) to communicate with a UNIX NetBackup primary server. The configuration of SSH is outside the scope of this guide. NetBackup Self Service, however, requires the credentials to communicate with the SSH server on the primary server.

By default SSH uses Port 22.
To specify a different port, set the server name to server_name:port_number. For example, MyServer:23.
The user account that NetBackup Self Service uses to logon to SSH on the primary server needs sudo configuration:
- The user account should not use requiretty.
- The user account should not require a sudo password.
- With sudo, the user account should run all commands in /usr/openv/netbackup/bin and /usr/openv/netbackup/bin/admincmd.

User authentication modes that are supported include:

Password
NetBackup Self Service passes the user name and password at logon.
Public key
The public key of the user is stored in the authorized_keys for the user on the primary server. The private key of the user is stored in OpenSSH format in the NetBackup Self Service portal.
Keyboard-interactive
NetBackup Self Service sends the password for the user to a keyboard-interactive ssh session. The password is sent in response to a configurable password prompt. The default password prompt is Password:.

To configure NetBackup Self Service and the NetBackup primary server for public key authentication

Create a Public Private key pair using a key generator like PuTTYgen.
Log on to the primary server as the required primary server user
Add the public key to the user's authorized_keys file in the primary server's operating system format.

Convert the Private key into OpenSSH format encrypted with a passphrase

-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,997295A8E365412F

SIKdyjX4UoDm03kprqfkCGQYc/thmNIlWYztEomjyRaMyEYlh0ZIC9Kx7XnMNnSk
...
MUxIcZW8d8fF3P4s+OLidxG03H6C/AsGLzJtpecjPQA=
-----END RSA PRIVATE KEY-----

When you create the backup server in NetBackup Self Service:
- Choose Public Key for the Authentication.
- Enter the user account to connect to the primary server in User Account.
- Paste the encrypted OpenSSH format private key in OpenSSH Private Key.
- Enter the passphrase in Password and Confirm Password.

More information about testing the connection once you have created your first backup server is available.

See Configuring backup servers.

Enabling communication with a UNIX NetBackup primary server

Feedback

Feedback