I am setting up Amanda to backup a small network of Ubuntu 16.04 servers and desktops. Let's say U1 is the backup server and U2 is a client. Each has an account named "backup" without a login shell or password (created by default in Ubuntu). I want backup@U1
to SSH to backup@U2
using keys, not passwords. From what I understand, it is more secure if backup does not have a login or password, but can only be accessed by ssh keys.
I have generated the SSH keys and copied U1's public key to U2's backup home directory /var/backups/.ssh/authorized_keys
(with backup as owner). I have also copied the U2's host key to U1 /var/backups/.ssh/known_hosts
. When I try to ssh from U1 to U2
sudo -u backup ssh -i /etc/amanda/MyConfig/ssh-key U2.example.com
I get
This account is currently not available.
I can ssh from my account on U1 to another account on U2, so I know ssh is working between the two machines. From the message, I am guessing that the lack of a password/login on the backup account is the problem. How can I set this up securely so that Amanda can ssh to the clients to backup the network?