In order to update /etc/services and /etc/inetd.conf, run

   /usr/local/libexec/amanda/patch-system --enable-index --enable-tape

You should check both of these files, verifying proper installation.

inetd(8) must be reloaded (or started). To enable it at boot, the
following line needs to be added to rc.conf.local(5):
inetd_flags=

You also need to create /operator/.amandahosts, which will contain the
FQDN of the tape server and the user allowed to access this machine.
The contents should look like this:

   backup.openbsd.org operator

The permissions of /operator/.amandahosts must be restricted:

   chmod u=rw /operator/.amandahosts
   chown operator:operator /operator/.amandahosts

Sample configuration files have been installed in
/usr/local/share/examples/amanda.


gpg flavor only:

Setup AMANDA as usual and make sure compression is enabled for the
dumptype declarations you plan to use. Generate the master keys for
your backups. Keep those keys and a copy of them in a very SAFE and
RELIABLE place:

   gpg --gen-key ... follow instructions

Export your resulting public key (gpg --list-keys shows them)
for installation on the backup clients:

   gpg --armor --export $MASTER-PUBKEY-ID > /tmp/master-pub.key

You need an additional secret GPG key for the backup user on the
client. There is one drawback in this configuration, the key must be
setup without a password. After key generation import the master public
key from above:

   gpg --import /tmp/master-pub.key

The imported key needs to be signed otherwise gnupg will not run
properly in batch mode:

   gpg --sign-key $MASTER-PUBKEY-ID

Add the following variables to /etc/amanda/amanda.gpg.conf:

   gpg_home="/operator/.gnupg"	# keyring location
   gpg_id="$MASTER-PUBKEY-ID"	# pub key id of master key

If you want to restore your backups import the secret master key and
unset the password. After restoration of your data delete this key
again!
