cancel
Showing results for 
Search instead for 
Did you mean: 

Backup Failed after enable client encryption

yskw1024
Level 2

Hi All,

 

I am recently doing client encryption testing.  I had enabled encryption on both the policy shcedule and client perporities.

 

But after that, the backup failed with below error:

12/7/2011 4:35:23 PM - Error bpbrm(pid=6984) could not send server status message      
12/7/2011 4:35:25 PM - end writing; write time: 00:00:29
allocation failed(10)
12/7/2011 4:35:30 PM - Info bpbkar32(pid=3528) done. status: 10: allocation failed       

 

Both the client and server was 7.1

1 ACCEPTED SOLUTION

Accepted Solutions

VirtualED
Level 5
Employee Accredited Certified

Did you configure the keys on the client?

C:\Program Files\VERITAS\NetBackup\bin>bpkeyutil -display

See Page 37 and Page 266 of the NetBackup Security and Encryption Guide.

Standard encryption backup process

The prerequisites for encrypting a standard backup are as follows:

Note: In NetBackup 7.1 the encryption software is automatically installed with

the NetBackup UNIX server and client installations.

A key file must exist. The key file is created when you run the bpkeyutil

command from the server or from the client.

The Encryption attribute must be selected on the NetBackup policy that

includes the client.

If the prerequisites are met, the backup takes place as follows:

The client takes the latest key from the key file.

For each file that is backed up, the following occurs:

The client creates an encryption tar header. The tar header contains a

checksum of the key and the cipher that NetBackup used for encryption.

To write the file data that was encrypted with the key, the client uses the

cipher that the CRYPT_CIPHER configuration entry defines. (The default

cipher is AES-128-CFB.)

Note: Only file data is encrypted. File names and attributes are not encrypted.

The backup image on the server includes a flag that indicates whether the

backup was encrypted.

View solution in original post

3 REPLIES 3

markdavies1978
Level 5

Unix or Windows?

VirtualED
Level 5
Employee Accredited Certified

Did you configure the keys on the client?

C:\Program Files\VERITAS\NetBackup\bin>bpkeyutil -display

See Page 37 and Page 266 of the NetBackup Security and Encryption Guide.

Standard encryption backup process

The prerequisites for encrypting a standard backup are as follows:

Note: In NetBackup 7.1 the encryption software is automatically installed with

the NetBackup UNIX server and client installations.

A key file must exist. The key file is created when you run the bpkeyutil

command from the server or from the client.

The Encryption attribute must be selected on the NetBackup policy that

includes the client.

If the prerequisites are met, the backup takes place as follows:

The client takes the latest key from the key file.

For each file that is backed up, the following occurs:

The client creates an encryption tar header. The tar header contains a

checksum of the key and the cipher that NetBackup used for encryption.

To write the file data that was encrypted with the key, the client uses the

cipher that the CRYPT_CIPHER configuration entry defines. (The default

cipher is AES-128-CFB.)

Note: Only file data is encrypted. File names and attributes are not encrypted.

The backup image on the server includes a flag that indicates whether the

backup was encrypted.

yskw1024
Level 2

Hi VirtualED,

 

Thanks.

 

i use bpkeyutil to create the key and it can backup now.