Win10-Client TLS Handshake faild
227 views
Skip to first unread message
Sven Gehr
Aug 30, 2020, 8:03:07 AM8/30/20
to bareos-users
Hi@all,
I have installed Bareos 17.2.1-7 under UCS 4.4.5 The backup of the Linux clients works fine.
On a Windows VM I have installed the client winbareos-19.2.7-release-64-bit.exe
On a Windows VM I have installed the client winbareos-19.2.7-release-64-bit.exe
** On Server **
/etc/bareos/autogenerated/clients/winsrv01.seiler.lan.include:
Client {
Name = "winsrv01.seiler.lan-fd"
Address = "winsrv01.seiler.lan"
Password = "12345678"
}
Job {
Name = "Backup-winsrv01.seiler.lan"
Client = "winsrv01.seiler.lan-fd"
JobDefs = "DefaultJob"
FileSet = "Windows All Drives"
Schedule = "WeeklyCycle"
Enabled = "Yes"
}
Name = "winsrv01.seiler.lan-fd"
Address = "winsrv01.seiler.lan"
Password = "12345678"
}
Job {
Name = "Backup-winsrv01.seiler.lan"
Client = "winsrv01.seiler.lan-fd"
JobDefs = "DefaultJob"
FileSet = "Windows All Drives"
Schedule = "WeeklyCycle"
Enabled = "Yes"
}
/etc/bareos/autogenerated/clients/winsrv01.seiler.lan.secret:
12345678
** On client **
C:\ AppData\Bareos\bareos-fd.d\client\myself.conf
Client {
Name = winsrv01.seiler.lan-fd
Maximum Concurrent Jobs = 20
}
Name = winsrv01.seiler.lan-fd
Maximum Concurrent Jobs = 20
}
C:\ AppData\Bareos\bareos-fd.d\director\bareos-dir.conf
Director {
Name = bareos-dir
Password = "12345678"
Description = "Allow the configured Director to access this file daemon."
}
Name = bareos-dir
Password = "12345678"
Description = "Allow the configured Director to access this file daemon."
}
C:\ AppData\Bareos\bareos-fd.d\director\bareos-mon.conf
Director {
Name = bareos-mon
Password = "12345678"
Monitor = yes
Description = "Restricted Director, used by tray-monitor to get the status of this file daemon."
}
Name = bareos-mon
Password = "12345678"
Monitor = yes
Description = "Restricted Director, used by tray-monitor to get the status of this file daemon."
}
The first thing that surprises me is that I get the message "TLS Handshake faild" after a short time in the Bareos systray on the Windows client after restarting it.
However, the test is successful on the server:
*status client=winsrv01.seiler.lan-fd
Connecting to Client winsrv01.seiler.lan-fd at winsrv01.seiler.lan:9102
Probing client protocol... (result will be saved until config reload)
Handshake: Immediate TLS, Encryption: PSK-AES256-CBC-SHA
winsrv01.seiler.lan-fd Version: 19.2.7 (16 April 2020) VSS Linux Cross-compile Win64
Daemon started 30-Aug-20 13:08. Jobs: run=0 running=0, bareos.org build binary
Microsoft Windows 8 Professional (build 9200), 64-bit
Sizeof: boffset_t=8 size_t=8 debug=0 trace=1 bwlimit=0kB/s
Running Jobs:
bareos-dir (director) connected at: 30-Aug-20 13:36
No Jobs running.
====
Terminated Jobs:
JobId Level Files Bytes Status Finished Name
======================================================================
Connecting to Client winsrv01.seiler.lan-fd at winsrv01.seiler.lan:9102
Probing client protocol... (result will be saved until config reload)
Handshake: Immediate TLS, Encryption: PSK-AES256-CBC-SHA
winsrv01.seiler.lan-fd Version: 19.2.7 (16 April 2020) VSS Linux Cross-compile Win64
Daemon started 30-Aug-20 13:08. Jobs: run=0 running=0, bareos.org build binary
Microsoft Windows 8 Professional (build 9200), 64-bit
Sizeof: boffset_t=8 size_t=8 debug=0 trace=1 bwlimit=0kB/s
Running Jobs:
bareos-dir (director) connected at: 30-Aug-20 13:36
No Jobs running.
====
Terminated Jobs:
JobId Level Files Bytes Status Finished Name
======================================================================
*estimate client=winsrv01.seiler.lan-fd
The defined Job resources are:
1: RestoreFiles
2: Backup-SelfTest
3: BackupCatalog
4: backup-bareos-fd
5: Backup-wints01.seiler.lan
6: Backup-winsrv01.seiler.lan
7: Backup-master.seiler.lan
8: Backup-kolab.seiler.lan
Select Job resource (1-8): 6
Using Catalog "MyCatalog"
Connecting to Client winsrv01.seiler.lan-fd at winsrv01.seiler.lan:9102
2000 OK estimate files=211,337 bytes=73,537,000,557
The defined Job resources are:
1: RestoreFiles
2: Backup-SelfTest
3: BackupCatalog
4: backup-bareos-fd
5: Backup-wints01.seiler.lan
6: Backup-winsrv01.seiler.lan
7: Backup-master.seiler.lan
8: Backup-kolab.seiler.lan
Select Job resource (1-8): 6
Using Catalog "MyCatalog"
Connecting to Client winsrv01.seiler.lan-fd at winsrv01.seiler.lan:9102
2000 OK estimate files=211,337 bytes=73,537,000,557
the backup also works. Why do I get this message?
with best
sven
aeron...@gmail.com
Aug 30, 2020, 9:17:44 AM8/30/20
to bareos...@googlegroups.com
Don't know if this helps but I recently had a similar problem. All of my software is on 19.2.7
Backups worked fine but tray-monitor for the new windows computer installation failed with the same message you got.
Finally found that the Bareos-fd.d/bareos-mon.conf file did not use in my case Name=linux-server-dir which is what is described on my server director software for the monitor.
you might check your server directror name for monitor and see if it is the same.
--
You received this message because you are subscribed to the Google Groups "bareos-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bareos-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bareos-users/3bd98b15-6a69-4d46-8564-71cab5cc91ddn%40googlegroups.com.
Sven Gehr
Aug 30, 2020, 10:31:11 AM8/30/20
to bareos-users
on the server is in all files bareos-mon.conf the name "bareos-mon":
root@kvm01:/etc/bareos# cat bareos-dir.d/console/bareos-mon.conf
Console {
Name = bareos-mon
Description = "Restricted console used by tray-monitor to get the status of the director."
Password = "12345678"
CommandACL = status, .status
JobACL = *all*
}
root@kvm01:/etc/bareos# cat bareos-sd.d/director/bareos-mon.conf
Director {
Name = bareos-mon
Password = "12345678"
Monitor = yes
Description = "Restricted Director, used by tray-monitor to get the status of this storage daemon."
}
root@kvm01:/etc/bareos# cat bareos-fd.d/director/bareos-mon.conf
Director {
Name = bareos-mon
Password = "12345678"
Monitor = yes
Description = "Restricted Director, used by tray-monitor to get the status of this file daemon."
}
root@kvm01:/etc/bareos# cat bareos-dir.d/console/bareos-mon.conf
Console {
Name = bareos-mon
Description = "Restricted console used by tray-monitor to get the status of the director."
Password = "12345678"
CommandACL = status, .status
JobACL = *all*
}
root@kvm01:/etc/bareos# cat bareos-sd.d/director/bareos-mon.conf
Director {
Name = bareos-mon
Password = "12345678"
Monitor = yes
}
root@kvm01:/etc/bareos# cat bareos-fd.d/director/bareos-mon.conf
Director {
Name = bareos-mon
Password = "12345678"
Monitor = yes
Description = "Restricted Director, used by tray-monitor to get the status of this file daemon."
}
On the Client, the File C:\ProgramData\Bareos\bareos-fd.d\director\bareos-mon.con it is the same :-(
Andreas Rogge
Aug 31, 2020, 4:50:38 AM8/31/20
to bareos...@googlegroups.com
Hi Sven,
you cannot attach a newer client to an older director.
If you need to stay on Bareos 17.2 (which will probably see its End of
Life at the end of this year), you will have to use the packages for
17.2 on the client.
Best Regards,
Andreas
--
Andreas Rogge andrea...@bareos.com
Bareos GmbH & Co. KG Phone: +49 221-630693-86
http://www.bareos.com
Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646
Komplementär: Bareos Verwaltungs-GmbH
Geschäftsführer: S. Dühr, M. Außendorf, J. Steffens, Philipp Storz
you cannot attach a newer client to an older director.
If you need to stay on Bareos 17.2 (which will probably see its End of
Life at the end of this year), you will have to use the packages for
17.2 on the client.
Best Regards,
Andreas
--
Andreas Rogge andrea...@bareos.com
Bareos GmbH & Co. KG Phone: +49 221-630693-86
http://www.bareos.com
Sitz der Gesellschaft: Köln | Amtsgericht Köln: HRA 29646
Komplementär: Bareos Verwaltungs-GmbH
Geschäftsführer: S. Dühr, M. Außendorf, J. Steffens, Philipp Storz
Reply all
Reply to author
Forward
0 new messages