Hi,
I think my Veeam public key wasn't installed correctly.
Can someone tell me, how can I install it again?
This solution (https://helpcenter.veeam.com/docs/agent ... tml?ver=50) isn't really helpful for me because I couldn't find the veeamsnap-ueficert-5.0.2.4567-1.noarch
I've installed it on ubuntu.
My linux skills are not very well. So sorry, if this topic looks risible.
Best Regards
Patrick
-
Leitner
- Influencer
- Posts: 23
- Liked: never
- Joined: Mar 23, 2016 8:20 am
- Location: Austria
- Contact:
-
HannesK
- Product Manager
- Posts: 15136
- Liked: 3234 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: Veeam public key
Hello,
as I cannot find the error message in your post, I assume that you got something like "GPG key signature on key... does not match" or "The following signatures were invalid:"... so my guess would be that https://www.veeam.com/kb2654 might help.
For anything else: That sounds like a technical issue. Please provide a support case ID for this issue, as requested when you click New Topic.
Best regards,
Hannes
as I cannot find the error message in your post, I assume that you got something like "GPG key signature on key... does not match" or "The following signatures were invalid:"... so my guess would be that https://www.veeam.com/kb2654 might help.
For anything else: That sounds like a technical issue. Please provide a support case ID for this issue, as requested when you click New Topic.
Best regards,
Hannes
-
Leitner
- Influencer
- Posts: 23
- Liked: never
- Joined: Mar 23, 2016 8:20 am
- Location: Austria
- Contact:
Re: Veeam public key
Thanks for your reply Hannes.
I didn't get any error message.
After installation and restart I've checked the MOK list with mokutil -l. There I couldn't see a certifiacte for veeam.
So I think the key enrollment doesn't worked correctly.
Best Regards
Patrick
I didn't get any error message.
After installation and restart I've checked the MOK list with mokutil -l. There I couldn't see a certifiacte for veeam.
So I think the key enrollment doesn't worked correctly.
Best Regards
Patrick
-
HannesK
- Product Manager
- Posts: 15136
- Liked: 3234 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: Veeam public key
okay... asking the other way around... did you see any issues during backup or restore? Are you using Secure Boot?
but yes, agree, the documentation does not make sense... I also cannot find that file. Let me check that.
but yes, agree, the documentation does not make sense... I also cannot find that file. Let me check that.
-
Leitner
- Influencer
- Posts: 23
- Liked: never
- Joined: Mar 23, 2016 8:20 am
- Location: Austria
- Contact:
Re: Veeam public key
Now I've performed a backup:
The KB Article (https://www.veeam.com/kb2260):
Where can I find the veeamsnap-ueficert-5.0.2.4567-1.noarch?
Best Regards
Patrick
Code: Select all
20:24:15 Job BackupJob1 started at 2022-01-31 19:24:15 UTC
20:24:15 Preparing to backup
20:24:15 [error] Failed to create volume snapshot
20:24:16 [error] Failed to take volume snapshot
20:24:16 [error] Failed to perform backup
20:24:16 [error] Child execution has failed. Exit code: [1]
20:24:16 [error] Failed to load module [veeamsnap] with parameters [zerosnapdata=1 debuglogging=0 snapstore_block_size_pow=14 change_tracking_block_size_pow=18 logdir=/var/log/veeam fixflags=0 logmaxsize=15728640]
20:24:16 [error] Processing finished with errors at 2022-01-31 19:24:16 UTC
And now I'm back at beginning:For the pre-compiled veeamsnap module (kmod/kmp) the veeamsnap-ueficert package containing the module key must be enrolled using mokutil to allow the module to load.
Please refer to the User Guide for instructions. https://helpcenter.veeam.com/docs/agent ... ocess.html
Where can I find the veeamsnap-ueficert-5.0.2.4567-1.noarch?
Best Regards
Patrick
-
HannesK
- Product Manager
- Posts: 15136
- Liked: 3234 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: Veeam public key
Hello,
okay, there are a few things
1) the quote is about pre-compiled modules (third word). For Ubuntu the modules are built directly on the machine via DKMS
2) I assume that after reboot, you chose the "continue boot" option instead of the "Enroll MOK" option
3) if 2 is true, then you need to import the key that was created earlier. The Debian Wiki describes it
Then the mokutil -N should show the new key.
Reboot the machine and select the "Enroll MOK" option.
If that does not work, please open a support case and post the case number for reference
Best regards,
Hannes
okay, there are a few things
1) the quote is about pre-compiled modules (third word). For Ubuntu the modules are built directly on the machine via DKMS
2) I assume that after reboot, you chose the "continue boot" option instead of the "Enroll MOK" option
3) if 2 is true, then you need to import the key that was created earlier. The Debian Wiki describes it
Code: Select all
mokutil --import /var/lib/shim-signed/mok/MOK.der
Reboot the machine and select the "Enroll MOK" option.
If that does not work, please open a support case and post the case number for reference
Best regards,
Hannes
-
Leitner
- Influencer
- Posts: 23
- Liked: never
- Joined: Mar 23, 2016 8:20 am
- Location: Austria
- Contact:
Re: Veeam public key
Thanks for your reply Hannes and sorry for the delay.
But this doesn't help. I'm getting allways the error "Failed to enroll new keys".
Also the argument --password or anything else doesnt work without getting an error message.
I think this is an issue from my BIOS (American Megatrends)(https://askubuntu.com/questions/1027585 ... ll-options).
My BIOS doesn't support any way to import the key manualy.
So my only solution was to disable secure boot.
And now all works fine.
Best Regards
Patrick
But this doesn't help. I'm getting allways the error "Failed to enroll new keys".
Also the argument --password or anything else doesnt work without getting an error message.
I think this is an issue from my BIOS (American Megatrends)(https://askubuntu.com/questions/1027585 ... ll-options).
My BIOS doesn't support any way to import the key manualy.
So my only solution was to disable secure boot.
And now all works fine.
Best Regards
Patrick
-
HannesK
- Product Manager
- Posts: 15136
- Liked: 3234 times
- Joined: Sep 01, 2014 11:46 am
- Full Name: Hannes Kasparick
- Location: Austria
- Contact:
Re: Veeam public key
Hello,
good to hear. The alternative would be to use the "nosnap" package which works without kernel module. The nosnap package does not have the change block tracking driver which makes Veeam agent for Linux "cool", but it might be good enough for your use-case
https://repository.veeam.com/backup/lin ... am-nosnap/
Best regards,
Hannes
good to hear. The alternative would be to use the "nosnap" package which works without kernel module. The nosnap package does not have the change block tracking driver which makes Veeam agent for Linux "cool", but it might be good enough for your use-case
https://repository.veeam.com/backup/lin ... am-nosnap/
Best regards,
Hannes
Who is online
Users browsing this forum: No registered users and 15 guests