[ale] Secure NFS
Bjorn Dittmer-Roche
bjorn at sccs.swarthmore.edu
Mon Mar 15 15:09:22 EST 2004
On Mon, 15 Mar 2004, Emil P. Man wrote:
> ALErs,
>
> I recently had a failure on my laptop; the reiserfs tree got messed up
> on my laptop. I want to protect myself somewhat from this happening
> again, especially since I have a lot of important school work on this
> laptop. Also, I do some work from my home desktop and I would like to
> keep documents synchonized. On the synban.com server I have a tape
> back-up drive that will help me do backups of this stuff. So what I
> would like to do is export an NFS directory from the server and mount
> that dir on my laptop and the desktop. This way I can backup that
> directory once a week with a cron job and also keep my stuff well
> synchronized.
> Now, I would like to give access to this NFS shared directory to my home
> network which will be easy enough. The problem comes with giving access
> to the KSU domain to that NFS directory. If I give read/write access to
NFS is not really designed to be secure, although I've heard positive
things about the latest NFS versions that might let you do what you want.
You might want to consider using rsync (over ssh) instead.
Another option is to encrypt all your NFS ports by "tunneling" through
ssh.
Sun used to make "web-nfs" as well but I think that's long discontinued.
Finally, you might want to consider WebDAV on an http server (optionally
over ssl, but at least with digest passwords). My experiences with WebDAV
on Linux, though, have note been that good.
bjorn
More information about the Ale
mailing list