[ale] Secure NFS

Geoffrey esoteric at 3times25.net
Mon Mar 15 13:23:06 EST 2004


Emil P. Man wrote:
> ALErs,
> 
> I recently had a failure on my laptop; the reiserfs tree got messed up 
> on my laptop. I want to protect myself somewhat from this happening 
> again, especially since I have a lot of important school work on this 
> laptop. Also, I do some work from my home desktop and I would like to 
> keep documents synchonized. On the synban.com server I have a tape 
> back-up drive that will help me do backups of this stuff. So what I 
> would like to do is export an NFS directory from the server and mount 
> that dir on my laptop and the desktop. This way I can backup that 
> directory once a week with a cron job and also keep my stuff well 
> synchronized.
> Now, I would like to give access to this NFS shared directory to my home 
> network which will be easy enough. The problem comes with giving access 
> to the KSU domain to that NFS directory. If I give read/write access to 
> all the KSU domain (b/c my IP on the laptop changes constantly), this is 
> a security risk. Any ideas on how I can give access to myself from 
> outside to NFS? How can I accomplish my goal? Can LDAP help me in this 
> situation? I have learned the basics of LDAP but I have never actually 
> implemented it. If this will solve my dilema, I will go more in-depth 
> and learn LDAP.

If all you want to do is provide a cron backup solution, set up ssh and 
tar the backup from one machine to the other, as in:

tar cvf - . | ssh -l userid machinetoholdthebackup "cat > backup.tar"

-- 
Until later, Geoffrey                     Registered Linux User #108567
Building secure systems inspite of Microsoft



More information about the Ale mailing list