Administration Guide › Log Storage › Configuring Non-Interactive Authentication for Restore
Configuring Non-Interactive Authentication for Restore
After you configure non-interactive ssh authentication between the remote storage server and the destination server, you can use the restore-ca-elm shell script to restore the archived databases on demand. For restore, the remote storage server is the source and the reporting CA Enterprise Log Manager or restore point CA Enterprise Log Manager is the destination.
The processes are slightly different, depending on whether the destination is a reporting server or a dedicated restore point.
- If you use a dedicated restore point, you set up non-interactive authentication once and then use it for every restore. The procedure sets up the .ssh directory on the restore point with the required ownership and sets permissions on the key file.
- If you restore archived databases from the remote storage server to multiple reporting servers, you set up non-interactive authentication between each server pair. You create the key pair once, but you copy the same public key of the key pair to each destination reporting server. For example, copy the public key as authorized_keys_RSS from the remote storage server to each reporting server. On each reporting server, you concatenate the authorized_keys_RSS file to the existing authorized_keys file. The existing file contains the public keys copied from each collection server.
Both processes assume that you previously prepared the remote storage server to act as the destination server for auto archive, which requires non-interactive authentication. If preparation has not been done, see "Create a Directory Structure with Ownerships on the Remote Storage Server" in the Implementation Guide for guidance.
More information:
Example: Configure Authentication From Remote Storage to a Restore Point
Example: Configure Authentication From a Storage Server to a Reporting Server
Create a Directory Structure with Ownerships on the Remote Storage Server
