Enhanced Authentication

The standard authentication that NetBackup uses is based on the network address of the connecting machine. NetBackup trusts that the connecting machine is who it says it is.

Enhanced authentication is additional authentication for NetBackup programs that communicate through sockets. It allows each side of a NetBackup connection to verify the host and user on the other side of the connection, taking place after a NetBackup connection has been established, but before any NetBackup transactions have taken place. For example, enhanced authentication could be enforced when a backup or restore operation is started from a client or during remote administration.

Enhanced authentication is performed through a series of challenges and responses that require the exchange of secret password information. Passwords are defined during installation and configuration so users do not have to enter passwords each time they start a backup, archive, or restore.

There are two supported enhanced authentication methods:

• vopie – (VERITAS One-time Passwords In Everything)
  The vopie method authenticates user name, host names, and group/domain names.
• noauth authentication – ("No authorization" authorization)
  The noauth method exchanges user name, host names, and group/domain names, but makes no attempt to verify that the information is correct.